| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-221565 | CAT II | MONT-WS-92040 | Google Chrome Current Windows Security T... | The default search provider URL must be set to per... | - | |||
Check TextIf the system is on the SIPRNet, this requirement is NA. Universal method: 1. In the omnibox (address bar) type chrome://policy. 2. If DefaultSearchProviderSearchURL is not displayed under the Policy Name column or it is not set to an organization-approved encrypted search string (ex. https://www.google.com/search?q={searchTerms} or https://www.bing.com/search?q={searchTerms} ) under the Policy Value column, this is a finding. Windows method: 1. Start regedit. 2. Navigate to HKLM\Software\Policies\Google\Chrome\. 3. If the DefaultSearchProviderSearchURL value name does not exist or its value data is not set to an organization-approved encrypted search string (ex. https://www.google.com/search?q={searchTerms} or https://www.bing.com/search?q={searchTerms} ), this is a finding. Fix TextIf the system is on the SIPRNet, this requirement is NA. Windows group policy: 1. Open the group policy editor tool with gpedit.msc. 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\Default search provider\. - Policy Name: Default search provider search URL - Policy State: Enabled - Policy Value: Must be set to an organization-approved encrypted search string (ex. https://www.google.com/search?q={searchTerms} or https://www.bing.com/search?q={searchTerms} ) Finding DetailsEvaluate-STIG 1.2507.5 (Scan-GoogleChrome_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4E2A308B8138082CBCDE899BDC5B493E0085A6E2 ~~~~~ 'Default search provider search URL' is Configured Registry Path: HKLM:\SOFTWARE\Policies\Google\Chrome Value Name: DefaultSearchProviderSearchURL Value: https://www.google.com/search?q={searchTerms} Type: REG_SZ
Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Chrome_V2R11_20251023-142120.ckl
Scan Date: 2026-01-14T12:57:25.338171
Technology Area: Windows Operating System
|
||||||||
| V-221565 | CAT II | MONT-WS-92010 | Google Chrome Current Windows Security T... | The default search provider URL must be set to per... | - | |||
Check TextIf the system is on the SIPRNet, this requirement is NA. Universal method: 1. In the omnibox (address bar) type chrome://policy. 2. If DefaultSearchProviderSearchURL is not displayed under the Policy Name column or it is not set to an organization-approved encrypted search string (ex. https://www.google.com/search?q={searchTerms} or https://www.bing.com/search?q={searchTerms} ) under the Policy Value column, this is a finding. Windows method: 1. Start regedit. 2. Navigate to HKLM\Software\Policies\Google\Chrome\. 3. If the DefaultSearchProviderSearchURL value name does not exist or its value data is not set to an organization-approved encrypted search string (ex. https://www.google.com/search?q={searchTerms} or https://www.bing.com/search?q={searchTerms} ), this is a finding. Fix TextIf the system is on the SIPRNet, this requirement is NA. Windows group policy: 1. Open the group policy editor tool with gpedit.msc. 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\Default search provider\. - Policy Name: Default search provider search URL - Policy State: Enabled - Policy Value: Must be set to an organization-approved encrypted search string (ex. https://www.google.com/search?q={searchTerms} or https://www.bing.com/search?q={searchTerms} ) Finding DetailsEvaluate-STIG 1.2507.5 (Scan-GoogleChrome_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4E2A308B8138082CBCDE899BDC5B493E0085A6E2 ~~~~~ 'Default search provider search URL' is Configured Registry Path: HKLM:\SOFTWARE\Policies\Google\Chrome Value Name: DefaultSearchProviderSearchURL Value: https://www.google.com/search?q={searchTerms} Type: REG_SZ
Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Chrome_V2R11_20251023-140804.ckl
Scan Date: 2026-01-14T12:57:27.625294
Technology Area: Windows Operating System
|
||||||||
| V-221565 | CAT II | MONT-SW-89108 | Google Chrome Current Windows Security T... | The default search provider URL must be set to per... | - | |||
Check TextIf the system is on the SIPRNet, this requirement is NA. Universal method: 1. In the omnibox (address bar) type chrome://policy. 2. If DefaultSearchProviderSearchURL is not displayed under the Policy Name column or it is not set to an organization-approved encrypted search string (ex. https://www.google.com/search?q={searchTerms} or https://www.bing.com/search?q={searchTerms} ) under the Policy Value column, this is a finding. Windows method: 1. Start regedit. 2. Navigate to HKLM\Software\Policies\Google\Chrome\. 3. If the DefaultSearchProviderSearchURL value name does not exist or its value data is not set to an organization-approved encrypted search string (ex. https://www.google.com/search?q={searchTerms} or https://www.bing.com/search?q={searchTerms} ), this is a finding. Fix TextIf the system is on the SIPRNet, this requirement is NA. Windows group policy: 1. Open the group policy editor tool with gpedit.msc. 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\Default search provider\. - Policy Name: Default search provider search URL - Policy State: Enabled - Policy Value: Must be set to an organization-approved encrypted search string (ex. https://www.google.com/search?q={searchTerms} or https://www.bing.com/search?q={searchTerms} ) Finding DetailsEvaluate-STIG 1.2510.0 (Scan-GoogleChrome_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 131C51BE43E61BFBB569FDD5F046ADBBCD65A458 ~~~~~ This is a classified system so this requirement is NA.
Source: MONT-SW-89108_Chrome_V2R11_20251217-202759.ckl
Scan Date: 2026-03-04T15:25:15.778437
Technology Area: Windows Operating System
|
||||||||
| V-221565 | CAT II | MONT-SW-89134 | Google Chrome Current Windows Security T... | The default search provider URL must be set to per... | - | |||
Check TextIf the system is on the SIPRNet, this requirement is NA. Universal method: 1. In the omnibox (address bar) type chrome://policy. 2. If DefaultSearchProviderSearchURL is not displayed under the Policy Name column or it is not set to an organization-approved encrypted search string (ex. https://www.google.com/search?q={searchTerms} or https://www.bing.com/search?q={searchTerms} ) under the Policy Value column, this is a finding. Windows method: 1. Start regedit. 2. Navigate to HKLM\Software\Policies\Google\Chrome\. 3. If the DefaultSearchProviderSearchURL value name does not exist or its value data is not set to an organization-approved encrypted search string (ex. https://www.google.com/search?q={searchTerms} or https://www.bing.com/search?q={searchTerms} ), this is a finding. Fix TextIf the system is on the SIPRNet, this requirement is NA. Windows group policy: 1. Open the group policy editor tool with gpedit.msc. 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\Default search provider\. - Policy Name: Default search provider search URL - Policy State: Enabled - Policy Value: Must be set to an organization-approved encrypted search string (ex. https://www.google.com/search?q={searchTerms} or https://www.bing.com/search?q={searchTerms} ) Finding DetailsEvaluate-STIG 1.2510.0 (Scan-GoogleChrome_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 131C51BE43E61BFBB569FDD5F046ADBBCD65A458 ~~~~~ This is a classified system so this requirement is NA.
Source: MONT-SW-89134_Chrome_V2R11_20251217-200930.ckl
Scan Date: 2026-03-04T15:25:41.812659
Technology Area: Windows Operating System
|
||||||||