Check: 5.230
Windows Vista STIG:
5.230
(in versions v6 r42 through v6 r41)
Title
Online Assistance – Untrusted Content (Cat II impact)
Discussion
This check verifies that untrusted content is not rendered for online assistance.
Check Content
If the following registry value doesn’t exist or is not configured as specified this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Subkey: \Software\Policies\Microsoft\Assistance\Client\1.0\ Value Name: NoUntrustedContent Type: REG_DWORD Value: 1
Fix Text
Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Online Assistance “Turn off Untrusted Content” to “Enabled”.
Additional Identifiers
Rule ID: SV-16649r2_rule
Vulnerability ID: V-15710
Group Title: Online Assistance – Untrusted Content
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| CCI-000366 |
The organization implements the security configuration settings. |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| CM-6 |
Configuration Settings |