Check: 5.230
Windows 2008 Domain Controller STIG:
5.230
(in versions v6 r47 through v6 r35)
Title
Online Assistance – Untrusted Content (Cat II impact)
Discussion
This check verifies that untrusted content is not rendered for online assistance.
Check Content
If the following registry value doesn’t exist or is not configured as specified this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Subkey: \Software\Policies\Microsoft\Assistance\Client\1.0\ Value Name: NoUntrustedContent Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Online Assistance “Turn off Untrusted Content” to “Enabled”.
Additional Identifiers
Rule ID: SV-29566r1_rule
Vulnerability ID: V-15710
Group Title: Online Assistance – Untrusted Content
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000366 |
Implement the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-6 |
Configuration Settings |