Navigate

Check: EDGE-00-000015

Microsoft Edge STIG: EDGE-00-000015 (in versions v1 r8 through v1 r1)

Title

Importing of cookies must be disabled. (Cat II impact)

Discussion

Allows users to import cookies from another browser into Microsoft Edge. If this policy is disabled, cookies are not imported on first run. If this policy is not configured, cookies are imported on first run.

Check Content

The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of cookies" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "ImportCookies" is not set to "REG_DWORD = 0", this is a finding.

Fix Text

Set the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of cookies" to "disabled".

Additional Identifiers

Rule ID: SV-235732r879587_rule

Vulnerability ID: V-235732

Group Title: SRG-APP-000141

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000381	The organization configures the information system to provide only essential capabilities.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-7	Least Functionality