STIGQter: STIG Summary: Microsoft Internet Explorer 11 Security Technical Implementation Guide Version: 1 Release: 19 Benchmark Date: 24 Jul 2020:

Enhanced Protected Mode functionality must be enforced.

DISA Rule

SV-59853r3_rule

Vulnerability Number

V-46987

Group Title

DTBI995-IE11-Enhanced Protected Mode

Rule Version

DTBI995-IE11

Severity

CAT II

CCI(s)

• CCI-001084 - The information system isolates security functions from nonsecurity functions.

Weight

10

Fix Recommendation

Set the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer-> Internet Control Panel-> Advanced Page 'Turn on Enhanced Protected Mode' to 'Enabled'.

Check Contents

Note: If McAfee ENS Web Control is being used, this is Not Applicable.

The policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer-> Internet Control Panel-> Advanced Page 'Turn on Enhanced Protected Mode' must be 'Enabled'. Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\Policies\Microsoft\Internet Explorer\Main Criteria: If the value "Isolation" is REG_SZ = 'PMEM', this is not a finding.

Vulnerability Number

V-46987

Documentable

False

Rule Version

DTBI995-IE11

Severity Override Guidance

Note: If McAfee ENS Web Control is being used, this is Not Applicable.

The policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer-> Internet Control Panel-> Advanced Page 'Turn on Enhanced Protected Mode' must be 'Enabled'. Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\Policies\Microsoft\Internet Explorer\Main Criteria: If the value "Isolation" is REG_SZ = 'PMEM', this is not a finding.

Check Content Reference

M

Target Key

2589

Comments