Title

The URL to be displayed for checking updates to Internet Explorer and Internet Tools must be about:blank. (Cat II impact)

Discussion

This policy setting allows checking for updates for Internet Explorer from the specified URL, included by default in Internet Explorer. If you enable this policy setting, users will not be able to change the URL to be displayed for checking updates to Internet Explorer and Internet Tools. The URL must be specified to be displayed for checking updates to Internet Explorer and Internet Tools. If you disable or do not configure this policy setting, users will be able to change the URL to be displayed for checking updates to Internet Explorer and Internet Tools.

Check Content

The policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Settings -> Component Updates -> Periodic check for updates to Internet Explorer and Internet Tools -> "Turn off changing the URL to be displayed for checking updates to Internet Explorer and Internet Tools" must be “Enabled” with a "blank or empty" selection box. Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\Policies\Microsoft\Internet Explorer\Main Criteria: The Update_Check_Page value must exist. The value must contain no data value. If the value Update_Check_Page is not present, this is a finding.

Fix Text

Set the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Settings -> Component Updates -> Periodic check for updates to Internet Explorer and Internet Tools -> "Turn off changing the URL to be displayed for checking updates to Internet Explorer and Internet Tools" to “Enabled” with a "blank or empty" selection box.

Additional Identifiers

Rule ID: SV-40680r1_rule

Vulnerability ID: V-15563

Group Title: DTBI675 - Displaying URL's for update checking

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.