An error occurred:

Check: EDGE-00-000001

Microsoft Edge STIG: EDGE-00-000001 (in version v2 r2)

Title

User control of proxy settings must be disabled. (Cat III impact)

Discussion

This action configures the proxy settings for Microsoft Edge. If this policy is enabled, Microsoft Edge ignores all proxy-related options specified from the command line. If this policy is not configured, users can choose their own proxy settings. This policy overrides the following individual policies: - ProxyMode - ProxyPacUrl - ProxyServer - ProxyBypassList Setting the ProxySettings policy accepts the following fields: - ProxyMode, which allows for the proxy server used by Microsoft Edge to be specified and prevents users from changing proxy settings. - ProxyPacUrl, a URL to a proxy .pac file. - ProxyServer, a URL for the proxy server. - ProxyBypassList, a list of proxy hosts that Microsoft Edge bypasses. For ProxyMode, the following values have the noted impact: - direct, a proxy is never used and all other fields are ignored. - system, the system's proxy is used and all other fields are ignored. - auto_detect, all other fields are ignored. - fixed_servers, the ProxyServer and ProxyBypassList fields are used. - pac_script, the ProxyPacUrl and ProxyBypassList fields are used.

Check Content

The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Proxy server/Proxy Settings" must be “Enabled”, and have a “Proxy Settings” value defined for "ProxyMode". "ProxyMode" must be defined and set to one of the following: "direct", "system", "auto_detect", "fixed_servers", or "pac_script". Consult Microsoft documentaion for proper configuration of the text string required to define the "Proxy Settings" value. Example: {"ProxyMode": "fixed_servers", "ProxyServer": "123.123.123.123:8080"} Values for "ProxyPacUrl", "ProxyServer", or "ProxyBypassList" are optional. Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the REG_SZ value for "ProxySettings" does not have "ProxyMode" configured, this is a finding.

Fix Text

Set the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Proxy server/Proxy Settings" to "Enabled" and define a value for "ProxyMode". "ProxyMode" must be defined and set to one of the following: "direct", "system", "auto_detect", "fixed_servers", or "pac_script". Consult Microsoft documentaion for proper configuration of the text string required to define the "Proxy Settings" value. Example: {"ProxyMode": "fixed_servers", "ProxyServer": "123.123.123.123:8080"} "ProxyPacUrl", "ProxyServer", or "ProxyBypassList" are optional.

Additional Identifiers

Rule ID: SV-235719r1007484_rule

Vulnerability ID: V-235719

Group Title: SRG-APP-000039

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001414

Enforce approved authorizations for controlling the flow of information between connected systems based on organization-defined information flow control policies.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AC-4

Information Flow Enforcement