STIGQter: STIG Summary: Microsoft Edge Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 14 Jan 2021:

Bypassing of Microsoft Defender SmartScreen warnings about downloads must be disabled.

DISA Rule

SV-235721r626523_rule

Vulnerability Number

V-235721

Group Title

SRG-APP-000073

Rule Version

EDGE-00-000003

Severity

CAT II

CCI(s)

• CCI-000870 - The organization checks media containing diagnostic and test programs for malicious code before the media are used in the information system.

Weight

10

Fix Recommendation

Set the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Prevent bypassing of Microsoft Defender SmartScreen warnings about downloads" must to "enabled".

Check Contents

The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Prevent bypassing of Microsoft Defender SmartScreen warnings about downloads" must be set to "enabled".

Use the Windows Registry Editor to navigate to the following key:
HKLM\SOFTWARE\Policies\Microsoft\Edge

If the value for "PreventSmartScreenPromptOverrideForFiles" is not set to "enabled", this is a finding.

If this machine is on SIPRNet, this is Not Applicable.

Vulnerability Number

V-235721

Documentable

False

Rule Version

EDGE-00-000003

Severity Override Guidance

The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Prevent bypassing of Microsoft Defender SmartScreen warnings about downloads" must be set to "enabled".

Use the Windows Registry Editor to navigate to the following key:
HKLM\SOFTWARE\Policies\Microsoft\Edge

If the value for "PreventSmartScreenPromptOverrideForFiles" is not set to "enabled", this is a finding.

If this machine is on SIPRNet, this is Not Applicable.

Check Content Reference

M

Target Key

5280

Comments