V-44745 | High | The running of outdated plugins must be disabled. | Running outdated plugins could lead to system compromise through the use of known exploits. Having plugins that updated to the most current version ensures the smallest attack surfuce possible. If... |
V-44749 | High | Plugins requiring authorization must ask for user permission. | Policy allows Google Chrome to run plugins that require authorization. If you enable this setting, plugins that are not outdated will always run. If this setting is disabled or not set, users will... |
V-44799 | Medium | Session only based cookies must be disabled. | Policy allows you to set a list of URL patterns that specify sites which are allowed to set session only cookies. If this policy is left not set the global default value will be used for all sites... |
V-44737 | Medium | Default search provider must be enabled. | Policy enables the use of a default search provider. If you enable this setting, a default search is performed when the user types text in the omnibox that is not a URL. You can specify the... |
V-44757 | Medium | 3D Graphics APIs must be disabled. | Disable support for 3D graphics APIs. Enabling this setting prevents web pages from accessing the graphics processing unit (GPU). Specifically, web pages cannot access the WebGL API and plugins... |
V-44733 | Medium | The default search providers name must be set. | Specifies the name of the default search provider that is to be used, if left empty or not set, the host name specified by the search URL will be used. This policy is only considered if the... |
V-44735 | Medium | The default search provider URL must be set to perform encrypted searches.
| Specifies the URL of the search engine used when doing a default search. The URL should contain the string '{searchTerms}', which will be replaced at query time by the terms the user is searching... |
V-44773 | Medium | Search suggestions must be disabled. | Search suggestion should be disabled as it could lead to searches being conducted that were never intended to be made. Enables search suggestions in Google Chrome's omnibox and prevents users from... |
V-44777 | Medium | Incognito mode must be disabled. | Incognito mode allows the user to browse the Internet without recording their browsing history/activity. From a forensics perspective, this is unacceptable. Best practice requires that browser... |
V-44759 | Medium | Google Data Synchronization must be disabled. | Disables data synchronization in Google Chrome using Google-hosted synchronization services and prevents users from changing this setting. If you enable this setting, users cannot change or... |
V-44793 | Medium | Browser history must be saved. | This policy disables saving browser history in Google Chrome and prevents users from changing this setting. If this setting is enabled, browsing history is not saved. If this setting is disabled... |
V-44711 | Medium | Firewall traversal from remote host must be disabled. | Remote connections should never be allowed that bypass the firewall, as there is no way to verify if they can be trusted. Enables usage of STUN and relay servers when remote clients are trying to... |
V-44795 | Medium | Default behavior must block webpages from automatically running plugins. | This policy allows you to set whether websites are allowed to automatically run plugins. Automatically running plugins can be either allowed for all websites or denied for all websites. If this... |
V-44775 | Medium | Importing of saved passwords must be disabled. | Importing of saved passwords should be disabled as it could lead to unencrypted account passwords stored on the system from another browser to be viewed. This policy forces the saved passwords to... |
V-44801 | Medium | The home page must be set to a trusted site. | When a browser is started the first web page displayed is the "home page". While the home page can be selected by the user, the default home page needs to be defined to display an approved page. ... |
V-44771 | Medium | Metrics reporting to Google must be disabled. | Enables anonymous reporting of usage and crash-related data about Google Chrome to Google and prevents users from changing this setting. If you enable this setting, anonymous reporting of usage... |
V-44805 | Medium | Browser must support auto-updates. | One of the most effective defenses against exploitation of browser vulnerabilities is to ensure the version of the browser is current. Frequent updates provide corrections to discovered... |
V-52795 | Medium | URLs must be whitelisted for plugin use | |
V-44739 | Medium | Use of cleartext passwords in the Password Manager must be disabled. | Cleartext passwords would allow another individual to see password via shoulder surfing. This policy controls whether the user may show passwords in clear text in the password manager. If you... |
V-44763 | Medium | AutoFill must be disabled. | This AutoComplete feature suggests possible matches when users are filling in forms. It is possible that this feature will cache sensitive data and store it in the user's profile, where it might... |
V-44723 | Medium | Site tracking users location must be disabled. | Website tracking is the practice of gathering information as to which websites were accesses by a browser. The common method of doing this is to have a website create a tracking cookie on the... |
V-44791 | Medium | Safe Browsing must be enabled, | Enables Google Chrome's Safe Browsing feature and prevents users from changing this setting. If you enable this setting, Safe Browsing is always active. If you disable this setting, Safe Browsing... |
V-44727 | Medium | Extensions installation must be blacklisted by default. | Extensions are developed by third party sources and are designed to extend Google Chrome's functionality. An extension can be made by anyone, to do and access almost anything on a system; this... |
V-44729 | Medium | Extensions that are approved for use must be whitelisted.
| The whitelist should only contain organizationally approved extensions. This is to prevent a user from accidently whitelisitng a malicious extension. This policy allows you to specify which... |
V-44787 | Medium | Automated installation of missing plugins must be disabled. | The automatic search and installation of missing or not installed plugins should be disabled as this can cause significant risk if a unapproved or vulnerable plugin were to be installed without... |
V-44781 | Medium | Plugins must be disabled by default. | Specifies a list of plugins that are disabled in Google Chrome and prevents users from changing this setting. The wildcard characters * and ? can be used to match sequences of arbitrary... |
V-44769 | Medium | Network prediction must be disabled. | Enables network prediction in Google Chrome and prevents users from changing this setting. If you enable or disable this setting, users cannot change or override this setting in Google Chrome. If... |
V-44783 | Medium | Plugins approved for use must be enabled. | Policy specifies a list of plugins that are enabled in Google Chrome and prevents users from changing this setting. The wildcard characters '*' and '?' can be used to match sequences of arbitrary... |
V-44741 | Medium | The Password Manager must be disabled. | Enables saving passwords and using saved passwords in Google Chrome. Malicious sites may take advantage of this feature by using hidden fields gain access to the stored information. If you enable... |
V-44743 | Medium | The HTTP Authentication must be set to negotiate. | Specifies which HTTP Authentication schemes are supported by Google Chrome. Possible values are 'basic', 'digest', 'ntlm' and 'negotiate'. Separate multiple values with commas. If this policy is... |
V-44789 | Medium | Online revocation checks must be done. | By setting this policy to true, the previous behavior is restored and online OCSP/CRL checks will be performed. If the policy is not set, or is set to false, then Chrome will not perform online... |
V-44761 | Medium | The URL protocol schema javascript must be disabled. | Each access to a URL is handled by the browser according to the URL's "scheme". The "scheme" of a URL is the section before the ":". The term "protocol" is often mistakenly used for a "scheme".... |
V-44719 | Medium | Sites ability to show pop-ups must be disabled. | Chrome allows you to manage whether unwanted pop-up windows appear. Pop-up windows that are opened when the end user clicks a link are not blocked. If you enable this policy setting, most unwanted... |
V-44765 | Medium | Cloud print sharing must be disabled. | Policy enables Google Chrome to act as a proxy between Google Cloud Print and legacy printers connected to the machine. If this setting is enabled or not configured, users can enable the cloud... |
V-44753 | Medium | Background processing must be disabled. | Determines whether a Google Chrome process is started on OS login that keeps running when the last browser window is closed, allowing background apps to remain active. The background process... |
V-44751 | Low | Third party cookies must be blocked. | Third party cookies are cookies which can be set by web page elements that are not from the domain that is in the browser's address bar. Enabling this setting prevents cookies from being set by... |
V-44713 | Low | Sites ability for showing desktop notifications must be disabled. | Chrome by default allows websites to display notifications on the desktop. This check allows you to set whether or not this is permitted. Displaying desktop notifications can be allowed by... |