| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-235722 | CAT III | MONT-WS-92040 | Microsoft Edge Security Technical Implem... | The list of domains for which Microsoft Defender S... | - | |||
Check TextIf this machine is on SIPRNet, this is Not Applicable. This requirement for "SmartScreenAllowListDomains" is not required; this is optional. The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Configure the list of domains for which Microsoft Defender SmartScreen won't trigger warnings" may be set to "allow" for allowlisted domains. Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge SmartScreenAllowListDomains may be set as follows: HKLM\SOFTWARE\Policies\Microsoft\Edge\SmartScreenAllowListDomains\1 = mydomain.com HKLM\SOFTWARE\Policies\Microsoft\Edge\SmartScreenAllowListDomains\2 = myagency.mil If configured, the list of domains for which Microsoft Defender SmartScreen will not trigger warnings may be allowlisted. Fix TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Configure the list of domains for which Microsoft Defender SmartScreen will not trigger warnings" may be set to "allow" for allowlisted domains. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MicrosoftEdge_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: ResultHash: EB5A0A0DAE1A60492E5AE5BFF4A4B83F57C94096 ~~~~~ 'Configure the list of domains for which Microsoft Defender SmartScreen won't trigger warnings' is Configured Allowed domains: =========================== msc.navy.mil navy.mil
Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_MSEdge_V2R3_20251023-142313.ckl
Scan Date: 2026-01-14T12:57:25.750497
Technology Area: Windows Operating System
|
||||||||
| V-235722 | CAT III | MONT-WS-92010 | Microsoft Edge Security Technical Implem... | The list of domains for which Microsoft Defender S... | - | |||
Check TextIf this machine is on SIPRNet, this is Not Applicable. This requirement for "SmartScreenAllowListDomains" is not required; this is optional. The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Configure the list of domains for which Microsoft Defender SmartScreen won't trigger warnings" may be set to "allow" for allowlisted domains. Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge SmartScreenAllowListDomains may be set as follows: HKLM\SOFTWARE\Policies\Microsoft\Edge\SmartScreenAllowListDomains\1 = mydomain.com HKLM\SOFTWARE\Policies\Microsoft\Edge\SmartScreenAllowListDomains\2 = myagency.mil If configured, the list of domains for which Microsoft Defender SmartScreen will not trigger warnings may be allowlisted. Fix TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Configure the list of domains for which Microsoft Defender SmartScreen will not trigger warnings" may be set to "allow" for allowlisted domains. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MicrosoftEdge_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: ResultHash: EB5A0A0DAE1A60492E5AE5BFF4A4B83F57C94096 ~~~~~ 'Configure the list of domains for which Microsoft Defender SmartScreen won't trigger warnings' is Configured Allowed domains: =========================== msc.navy.mil navy.mil
Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_MSEdge_V2R3_20251023-141013.ckl
Scan Date: 2026-01-14T12:57:28.003629
Technology Area: Windows Operating System
|
||||||||
| V-235722 | CAT III | MONT-SW-89108 | Microsoft Edge Security Technical Implem... | The list of domains for which Microsoft Defender S... | - | |||
Check TextIf this machine is on SIPRNet, this is Not Applicable. This requirement for "SmartScreenAllowListDomains" is not required; this is optional. The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Configure the list of domains for which Microsoft Defender SmartScreen won't trigger warnings" may be set to "allow" for allowlisted domains. Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge SmartScreenAllowListDomains may be set as follows: HKLM\SOFTWARE\Policies\Microsoft\Edge\SmartScreenAllowListDomains\1 = mydomain.com HKLM\SOFTWARE\Policies\Microsoft\Edge\SmartScreenAllowListDomains\2 = myagency.mil If configured, the list of domains for which Microsoft Defender SmartScreen will not trigger warnings may be allowlisted. Fix TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Configure the list of domains for which Microsoft Defender SmartScreen will not trigger warnings" may be set to "allow" for allowlisted domains. Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MicrosoftEdge_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 598456BDC5F5C048C1ADDB7E41012F3DE1B9A927 ~~~~~ This is a classified system so this requirement is NA.
Source: MONT-SW-89108_MSEdge_V2R3_20251217-202829.ckl
Scan Date: 2026-03-04T15:25:16.059827
Technology Area: Windows Operating System
|
||||||||
| V-235722 | CAT III | MONT-SW-89134 | Microsoft Edge Security Technical Implem... | The list of domains for which Microsoft Defender S... | - | |||
Check TextIf this machine is on SIPRNet, this is Not Applicable. This requirement for "SmartScreenAllowListDomains" is not required; this is optional. The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Configure the list of domains for which Microsoft Defender SmartScreen won't trigger warnings" may be set to "allow" for allowlisted domains. Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge SmartScreenAllowListDomains may be set as follows: HKLM\SOFTWARE\Policies\Microsoft\Edge\SmartScreenAllowListDomains\1 = mydomain.com HKLM\SOFTWARE\Policies\Microsoft\Edge\SmartScreenAllowListDomains\2 = myagency.mil If configured, the list of domains for which Microsoft Defender SmartScreen will not trigger warnings may be allowlisted. Fix TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Configure the list of domains for which Microsoft Defender SmartScreen will not trigger warnings" may be set to "allow" for allowlisted domains. Finding DetailsEvaluate-STIG 1.2510.0 (Scan-MicrosoftEdge_Checks) found this to be NOT APPLICABLE on 12/17/2025 ResultHash: 598456BDC5F5C048C1ADDB7E41012F3DE1B9A927 ~~~~~ This is a classified system so this requirement is NA.
Source: MONT-SW-89134_MSEdge_V2R3_20251217-201011.ckl
Scan Date: 2026-03-04T15:25:42.078580
Technology Area: Windows Operating System
|
||||||||