Title

Browser must retain history on exit. (Cat II impact)

Discussion

Delete Browsing History on exit automatically deletes specified items when the last browser window closes. Disabling this function will prevent users from deleting their browsing history, which could be used to identify malicious web sites and files that could later be used for anti-virus and intrusion detection system (IDS) signatures. Furthermore, preventing users from deleting browsing history could be used to identify abusive web surfing on government systems.

Check Content

The policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Delete Browsing History -> “Configure Delete Browsing History on exit” must be “Disabled”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\Policies\Microsoft\Internet Explorer\Privacy Criteria: If the value ClearBrowsingHistoryOnExit is REG_DWORD = 0, this is not a finding.

Fix Text

Set the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Delete Browsing History -> “Configure Delete Browsing History on exit” to “Disabled”.

Additional Identifiers

Rule ID: SV-40707r1_rule

Vulnerability ID: V-22148

Group Title: DTBI760 - Browsing History on exit

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.