The MK Protocol Security Restriction policy setting reduces attack surface area by blocking the seldom used MK protocol.(xccdf_gov.nist_rule_IEProcesses_MKProtocolSecurityRestriction_LocalComputer, oval:7:def:617, oval:7:tst:3453, oval:7:obj:72, oval:7:ste:3114, USGCB: Guidance for Securing Microsoft Internet Explorer 7, v1.2.3.1) Some older Web applications use the MK protocol to retrieve information from compressed files. Internet Explorer Processes - MK Protocol Security Restriction - Local Computer (IEProcesses_MKProtocolSecurityRestriction_LocalComputer, NIST SCAP Microsoft Internet Explorer Version 7 (fdcc-ie7-xccdf.xml), FDCC IE7 (1.2) SCAP Content - OVAL 5.4).HKEY_LOCAL_MACHINE\Softwa… (CCE-16763-5, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214) The "MK Protocol Security Restriction: All Processes" machine setting should be configured correctly.Ĭomputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\MK Protocol Security Restriction\All Processes.HKEY_LOCAL_MACHINE\Software… (CCE-17005-0, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214) The "MK Protocol Security Restriction: Process List" machine setting should be configured correctly.Ĭomputer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\MK Protocol Security Restriction\Process List.User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\MK Protocol Security Restriction\Internet Explorer Proces… (CCE-16938-3, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214) The "MK Protocol Security Restriction: Internet Explorer Processes" current user setting should be configured correctly.HKEY_CURRENT_USER\Softwa… (CCE-16982-1, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214) User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\MK Protocol Security Restriction\All Processes The "MK Protocol Security Restriction: All Processes" current user setting should be configured correctly.HKEY_CURRENT_USER\Software… (CCE-16061-4, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214) User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\MK Protocol Security Restriction\Process List The "MK Protocol Security Restriction: Process List" current user setting should be configured correctly.(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\MK Protocol Security Restriction\Internet Explore… (CCE-10265-7, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214) The "MK Protocol Security Restriction: Internet Explorer Processes" machine setting should be configured correctly.HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE… (CCE-3338-1, Common Configuration Enumeration List, Combined XML: Internet Explorer 7, 5.20130214) HKLM\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL\(Reserved) The "Internet Explorer Processes (MK Protocol)" setting should be configured correctly.If you enable this policy setting, the MK Protocol is prevented fo… (Rule:xccdf_rule_7.5_Set_MK_Protocol_Security_Restriction_to_EnabledĪrtifact Expression:xccdf_ae_7.5.1_, The Center for Internet Security Microsoft Internet Explorer 10 Level 1 Benchmark, 1.0.0)Īrtifact Expression:xccdf_ae_7.5.2_, The Center for Internet Security Microsoft Internet Explorer 10 Level 1 Benchmark, 1.0.0)Īrtifact Expression:xccdf_ae_7.5.3_, The Center for Internet Security Microsoft Internet Explorer 10 Level 1 Benchmark, 1.0.0)Īrtifact Expression:xccdf_ae_7.5.4_, The Center for Internet Security Microsoft Internet Explorer 10 Level 1 Benchmark, 1.0.0) Resources hosted on the MK protocol will fail. The MK Protocol Security Restriction policy setting reduces attack surface area by preventing the MK protocol. ![]() Set 'MK Protocol Security Restriction' to 'Enabled' (Pg 85, Microsoft Windows Vista Security Guide Appendix A: Security Group Policy Settings) The Internet Explorer Processes (MK Protocol) setting should be Enabled. This setting blocks the MK protocol, a protocol used by older Web applications to retrieve information from compressed files.
0 Comments
Leave a Reply. |