Check: DTBI695
Microsoft IE Version 7:
DTBI695
(in version v4 r20)
Title
Disable external branding of Internet Explorer is not enabled. (Cat II impact)
Discussion
Prevents branding of Internet programs, such as customization of Internet Explorer and Outlook Express logos and title bars, by another party. If you enable this policy, it prevents customization of the browser by another party, such as an Internet service provider or Internet content provider. If you disable this policy or do not configure it, users could install customizations from another party-for example, when signing up for Internet services. This policy is intended for administrators who want to maintain a consistent browser across an organization.
Check Content
The policy value for User Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> "Disable external branding of Internet Explorer" will be set to “Enabled”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions Criteria: If the value NoExternalBranding is REG_DWORD = 1, this is not a finding.
Fix Text
The policy value for User Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> "Disable external branding of Internet Explorer" will be set to “Enabled”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions Criteria: Set the value NoExternalBranding to REG_DWORD = 1.
Additional Identifiers
Rule ID: SV-16422r1_rule
Vulnerability ID: V-15575
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |