STIGQter STIGQter: STIG Summary: Windows Server 2012/2012 R2 Member Server Security Technical Implementation Guide Version: 2 Release: 17 Benchmark Date: 25 Oct 2019: Attachments must be prevented from being downloaded from RSS feeds.

DISA Rule

SV-53040r1_rule

Vulnerability Number

V-15682

Group Title

RSS Attachment Downloads

Rule Version

WN12-CC-000105

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> RSS Feeds -> "Prevent downloading of enclosures" to "Enabled".

Check Contents

If the following registry value does not exist or is not configured as specified, this is a finding:

Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \Software\Policies\Microsoft\Internet Explorer\Feeds\

Value Name: DisableEnclosureDownload

Type: REG_DWORD
Value: 1

Vulnerability Number

V-15682

Documentable

False

Rule Version

WN12-CC-000105

Severity Override Guidance

If the following registry value does not exist or is not configured as specified, this is a finding:

Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \Software\Policies\Microsoft\Internet Explorer\Feeds\

Value Name: DisableEnclosureDownload

Type: REG_DWORD
Value: 1

Check Content Reference

M

Target Key

2350

Comments