Check: EDGE-00-000004

Microsoft Edge STIG: EDGE-00-000004 (in versions v2 r3 through v1 r6)

  Title
The list of domains for which Microsoft Defender SmartScreen will not trigger warnings must be allowlisted if used. (Cat III impact)
Discussion
Configure the list of Microsoft Defender SmartScreen trusted domains. This means Microsoft Defender SmartScreen will not check for potentially malicious resources, such as phishing software and other malware, if the source URLs match these domains. The Microsoft Defender SmartScreen download protection service will not check downloads hosted on these domains. If this policy is enabled, Microsoft Defender SmartScreen trusts these domains. If the policy is disabled or not set, default Microsoft Defender SmartScreen protection is applied to all resources.
Check Content
If this machine is on SIPRNet, this is Not Applicable.

This requirement for "SmartScreenAllowListDomains" is not required; this is optional.

The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Configure the list of domains for which Microsoft Defender SmartScreen won't trigger warnings" may be set to "allow" for allowlisted domains.

Use the Windows Registry Editor to navigate to the following key:
HKLM\SOFTWARE\Policies\Microsoft\Edge

SmartScreenAllowListDomains may be set as follows:
HKLM\SOFTWARE\Policies\Microsoft\Edge\SmartScreenAllowListDomains\1 = mydomain.com
HKLM\SOFTWARE\Policies\Microsoft\Edge\SmartScreenAllowListDomains\2 = myagency.mil

If configured, the list of domains for which Microsoft Defender SmartScreen will not trigger warnings may be allowlisted.
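The registry check described above can be scripted instead of done by hand in the Registry Editor. The following PowerShell is an added example, not part of the STIG text; the function names and the `$approvedDomains` list are assumptions, with the list standing in for a site-maintained record of approved domains.

```powershell
# Added example: list the domains configured under SmartScreenAllowListDomains
# and mark any entry that is not on the site's approved list.

function Get-SmartScreenAllowListDomains {
    # Policy key named in the check text.
    $key = 'HKLM:\SOFTWARE\Policies\Microsoft\Edge\SmartScreenAllowListDomains'
    if (-not (Test-Path -Path $key)) { return @() }   # policy disabled or not set
    $item = Get-Item -Path $key
    # Values are named 1, 2, ...; each value holds one trusted domain.
    foreach ($name in $item.GetValueNames()) {
        [string]$item.GetValue($name)
    }
}

function Compare-SmartScreenAllowList {
    param(
        [string[]]$ConfiguredDomains,
        [string[]]$ApprovedDomains
    )
    # Normalise case and whitespace so "MyDomain.com " matches "mydomain.com".
    $approved = @($ApprovedDomains | ForEach-Object { $_.Trim().ToLowerInvariant() })
    foreach ($entry in $ConfiguredDomains) {
        $domain = $entry.Trim().ToLowerInvariant()
        [pscustomobject]@{
            Domain   = $domain
            Approved = $approved -contains $domain
        }
    }
}

# Hypothetical approved list (assumption); these sample values come from the check text.
$approvedDomains = @('mydomain.com', 'myagency.mil')

$configured = @(Get-SmartScreenAllowListDomains)
if ($configured.Count -eq 0) {
    'SmartScreenAllowListDomains is not configured; default SmartScreen protection applies to all resources.'
} else {
    Compare-SmartScreenAllowList -ConfiguredDomains $configured -ApprovedDomains $approvedDomains |
        Sort-Object Approved, Domain |
        Format-Table -AutoSize
}
```

Rows with `Approved` set to `False` are domains that bypass SmartScreen checks without appearing on the approved list and should be reviewed.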
Fix Text
The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Configure the list of domains for which Microsoft Defender SmartScreen will not trigger warnings" may be set to "allow" for allowlisted domains.
Additional Identifiers
Rule ID: SV-235722r960852_rule
Vulnerability ID: V-235722
Group Title: SRG-APP-000073
CCIs

| Number | Definition |
|---|---|
| CCI-000870 | Check media containing diagnostic and test programs for malicious code before the media are used in the system. |

Controls

| Number | Title |
|---|---|
| MA-3(2) | Inspect Media |