UCF STIG Viewer Logo

Microsoft Edge Security Technical Implementation Guide


Overview

Date Finding Count (56)
2021-11-19 CAT I (High): 2 CAT II (Med): 48 CAT III (Low): 6
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC I - Mission Critical Classified)

Finding ID Severity Title
V-235759 High Edge must be configured to allow only TLS.
V-235758 High The version of Microsoft Edge running on the system must be a supported version.
V-235740 Medium Importing of shortcuts must be disabled.
V-246736 Medium Use of the QUIC protocol must be disabled.
V-235733 Medium Importing of extensions must be disabled.
V-235750 Medium Browser history must be saved.
V-235739 Medium Importing of search engine settings must be disabled.
V-235738 Medium Importing of saved passwords must be disabled.
V-235737 Medium Importing of payment info must be disabled.
V-235736 Medium Importing of open tabs must be disabled.
V-235735 Medium Importing of home page settings must be disabled.
V-235755 Medium Extensions that are approved for use must be allowlisted.
V-235732 Medium Importing of cookies must be disabled.
V-235730 Medium Importing of autofill form data must be disabled.
V-235773 Medium Relaunch notification must be required.
V-235772 Medium Guest mode must be disabled.
V-235771 Medium The Share Experience feature must be disabled.
V-235734 Medium Importing of browsing history must be disabled.
V-251694 Medium The list of domains media autoplay allows must be allowlisted.
V-235774 Medium The built-in DNS client must be disabled.
V-235719 Medium User control of proxy settings must be disabled.
V-235754 Medium Extensions installation must be blocklisted by default.
V-235753 Medium URLs must be whitelisted for plugin use.
V-235756 Medium The Password Manager must be disabled.
V-235746 Medium Autofill for addresses must be disabled.
V-235745 Medium Autofill for Credit Cards must be disabled.
V-235747 Medium Online revocation checks must be performed.
V-235742 Medium WebUSB must be disabled.
V-235770 Medium The collections feature must be disabled.
V-235728 Medium Network prediction must be disabled.
V-235729 Medium Search suggestions must be disabled.
V-235724 Medium Background processing must be disabled.
V-235725 Medium The ability of sites to show pop-ups must be disabled.
V-235726 Medium The default search provider must be set to use an encrypted connection.
V-235720 Medium Bypassing Microsoft Defender SmartScreen prompts for sites must be disabled.
V-235721 Medium Bypassing of Microsoft Defender SmartScreen warnings about downloads must be disabled.
V-235723 Medium InPrivate mode must be disabled.
V-235760 Medium Site isolation for every site must be enabled.
V-235761 Medium Supported authentication schemes must be configured.
V-235744 Medium Web Bluetooth API must be disabled.
V-235763 Medium Microsoft Defender SmartScreen must be enabled.
V-235764 Medium Microsoft Defender SmartScreen must be configured to block potentially unwanted apps.
V-235743 Medium Google Cast must be disabled.
V-235766 Medium Tracking of browsing activity must be disabled.
V-235767 Medium A website's ability to query for payment methods must be disabled.
V-235768 Medium Suggestions of similar web pages in the event of a navigation error must be disabled.
V-235769 Medium User feedback must be disabled.
V-235741 Medium Autoplay must be disabled.
V-235748 Medium Personalization of ads, search, and news by sending browsing history to Microsoft must be disabled.
V-235749 Medium Site tracking of a user’s location must be disabled.
V-235752 Low Download restrictions must be configured.
V-235731 Low Importing of browser settings must be disabled.
V-235765 Low The download location prompt must be configured.
V-235727 Low Data Synchronization must be disabled.
V-235722 Low The list of domains for which Microsoft Defender SmartScreen will not trigger warnings must be whitelisted if used.
V-235751 Low Edge development tools must be disabled.