Personalization of ads, search, and news by sending browsing history to Microsoft must be disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-235748 | EDGE-00-000031 | SV-235748r960963_rule | CCI-000381 | medium |
| Description | ||||
| This policy prevents Microsoft from collecting a user's Microsoft Edge browsing history to be used for personalizing advertising, search, news and other Microsoft services. This setting is only available for users with a Microsoft account. This setting is not available for child accounts or enterprise accounts. If this policy is disabled, users cannot change or override the setting. If this policy is enabled or not configured, Microsoft Edge will default to the user's preference. | ||||
| STIG | Date | |||
| Microsoft Edge Security Technical Implementation Guide | 2025-05-15 | |||
Related Frameworks
3 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
CM-7
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1711 mapping
3.4.6
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000381
1.00
- DISA · 2 · disa_xccdf · related
Details
Check Text (C-235748r960963_chk)
The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow personalization of ads, search and news by sending browsing history to Microsoft" must be set to "disabled".
Use the Windows Registry Editor to navigate to the following key:
HKLM\SOFTWARE\Policies\Microsoft\Edge
If the value for "PersonalizationReportingEnabled" is not set to "REG_DWORD = 0", this is a finding.
Fix Text (F-38930r626441_fix)
Set the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow personalization of ads, search and news by sending browsing history to Microsoft" to "disabled".