| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-235758 | CAT I | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | The version of Microsoft Edge running on the syste... | - | |||
Check TextCross-reference the build information displayed with the Microsoft Edge site to identify, at minimum, the oldest supported build available. If the installed version of Edge is not supported by Microsoft, this is a finding. Fix TextInstall a supported version of Edge. Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) was unable to determine a Status but found the below configuration on 03/05/2026: ResultHash: C8FEAB4CAE85FA4E90B6C6E61F778F398997D8EF ~~~~~ Microsoft Edge Version: 145.0.3800.70 CommentsThe version of Microsoft Edge running on the system is a supported version. This is Not a Finding
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235720 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Bypassing Microsoft Defender SmartScreen prompts f... | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Prevent bypassing Microsoft Defender SmartScreen prompts for sites" must be set to "Enabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "PreventSmartScreenPromptOverride" is not set to "REG_DWORD = 1", this is a finding. If this machine is on SIPRNet, this is Not Applicable. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Prevent bypassing Microsoft Defender SmartScreen prompts for sites" to "Enabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: C33E388254DDCB5B7A5AA275DCEC3789FA6C6D8C ~~~~~ 'Prevent bypassing Microsoft Defender SmartScreen prompts for sites' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: PreventSmartScreenPromptOverride Value: 0x00000001 (1) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235721 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Bypassing of Microsoft Defender SmartScreen warnin... | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Prevent bypassing of Microsoft Defender SmartScreen warnings about downloads" must be set to "Enabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "PreventSmartScreenPromptOverrideForFiles" is not set to "REG_DWORD = 1", this is a finding. If this machine is on SIPRNet, this is Not Applicable. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Prevent bypassing of Microsoft Defender SmartScreen warnings about downloads" must to "Enabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 00754A8B44AD87CBB6D5FBC53E664288E16117B4 ~~~~~ 'Prevent bypassing of Microsoft Defender SmartScreen warnings about downloads' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: PreventSmartScreenPromptOverrideForFiles Value: 0x00000001 (1) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235723 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | InPrivate mode must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Configure InPrivate mode availability" must be set to "enabled" with the option value set to "InPrivate mode disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "InPrivateModeAvailability" is not set to "REG_DWORD = 1", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Configure InPrivate mode availability" to "enabled" and select "InPrivate mode disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 6A26062584CE53C883FDC08AC7C990D375CD472F ~~~~~ 'Configure InPrivate mode availability' is Enabled with 'InPrivate mode disabled' Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: InPrivateModeAvailability Value: 0x00000001 (1) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235724 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Background processing must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Continue running background apps after Microsoft Edge closes" must be set to "Disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "BackgroundModeEnabled" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Continue running background apps after Microsoft Edge closes" to "Disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: A95AA40B6F30C779A0CE892F14BD0215ED60B0AA ~~~~~ 'Continue running background apps after Microsoft Edge closes' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: BackgroundModeEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235725 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | The ability of sites to show pop-ups must be disab... | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Content settings/Default pop-up window setting" must be set to "Enabled" with the option value set to "Do not allow any site to show pop-ups". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for DefaultPopupsSetting is not set to "REG_DWORD = 2", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Content settings/Default pop-up window setting" to "Enabled" with the option value set to "Do not allow any site to show pop-ups". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: A3DBEC9663EEDC90775D105ED8029C5BC806A409 ~~~~~ 'Default pop-up window setting' is Enabled with 'Do not allow any site to show pop-ups' Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: DefaultPopupsSetting Value: 0x00000002 (2) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235726 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | The default search provider must be set to use an ... | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Manage Search Engines" must be configured. Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge Example REG_SZ value text for "ManagedSearchEngines": [{"allow_search_engine_discovery": false},{"is_default": true,"name": "Microsoft Bing","keyword": "bing","search_url": "https://www.bing.com/search?q={searchTerms}"},{"name": "Google","keyword": "google","search_url": "https://www.google.com/search?q={searchTerms}"}] If any of the search URLs in the list do not begin with "https", this is a finding. Fix TextConfigure the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Manage Search Engines". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 859E1524C5E43114ADA3981FB6DFA4354BB11E7A ~~~~~ Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: ManagedSearchEngines Value: [{"allow_search_engine_discovery": false},{"is_default": true,"name": "Microsoft Bing","keyword": "bing","search_url": "https://www.bing.com/search?q={searchTerms}"},{"name": "Google","keyword": "google","search_url": "https://www.google.com/search?q={searchTerms}"}] Type: REG_SZ Search URLs ======================= https://www.bing.com/search?q={searchTerms} https://www.google.com/search?q={searchTerms}
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235728 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Network prediction must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable network prediction" must be set to "Enabled" with the option value set to "Don't predict network actions on any network connection". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for NetworkPredictionOptions is not set to "REG_DWORD = 2", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable network prediction" to "Enabled" with the option value set to "Don't predict network actions on any network connection". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: C3B61B9619246C488256EF969782678101E04209 ~~~~~ 'Enable network prediction' is Enabled with 'Don't predict network actions on any network connection' Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: NetworkPredictionOptions Value: 0x00000002 (2) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235729 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Search suggestions must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable search suggestions" must be set to "Disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "SearchSuggestEnabled" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable search suggestions" to "Disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: E3CAF58DF9DE07E23A04EE57FFC5F9C8460C6537 ~~~~~ 'Enable search suggestions' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: SearchSuggestEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235730 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Importing of autofill form data must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of autofill form data" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "ImportAutofillFormData" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of autofill form data" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: F08C62B7F2ABE15A36FB514AA57C9D82DC746279 ~~~~~ 'Allow importing of autofill form data' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: ImportAutofillFormData Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235732 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Importing of cookies must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of cookies" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "ImportCookies" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of cookies" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 16BF98FC3F0EBB1565C797CB6FFC1D57C15A20D6 ~~~~~ 'Allow importing of cookies' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: ImportCookies Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235733 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Importing of extensions must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of extensions" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "ImportExtensions" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of extensions" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 63C9813DC2198C4155927B003A768D2286A93864 ~~~~~ 'Allow importing of extensions' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: ImportExtensions Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235734 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Importing of browsing history must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of browsing history" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "ImportHistory" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of browsing history" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 5A369FE00E668F3D5C55ABC808997BA81CD6BF1E ~~~~~ 'Allow importing of browsing history' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: ImportHistory Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235735 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Importing of home page settings must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of home page settings" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "ImportHomepage" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of home page settings" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 8A5E12CFE2D497A7160E25D907CE340169B6750C ~~~~~ 'Allow importing of home page settings' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: ImportHomepage Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235736 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Importing of open tabs must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of open tabs" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "ImportOpenTabs" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of open tabs" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 94DC9B1B6FE2DD930D8E55CE31A926ACC092E032 ~~~~~ 'Allow importing of open tabs' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: ImportOpenTabs Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235737 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Importing of payment info must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of payment info" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "ImportPaymentInfo" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of payment info" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 4C351B4F0B7E4589FBCAC8225414BBCC72F8003B ~~~~~ 'Allow importing of payment info' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: ImportPaymentInfo Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235738 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Importing of saved passwords must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of saved passwords" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "ImportSavedPasswords" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of saved passwords" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 1C95A1EA9C9DCB1DC440C4F491925769F6EA7AD2 ~~~~~ 'Allow importing of saved passwords' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: ImportSavedPasswords Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235739 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Importing of search engine settings must be disabl... | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of search engine settings" must be set to "disabled". Procedure: Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "ImportSearchEngine" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of search engine settings" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: BF82D8CD5BAE85B427F586A1EBFE413B23378C4F ~~~~~ 'Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of search engine settings' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: ImportSearchEngine Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235740 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Importing of shortcuts must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of shortcuts" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "ImportShortcuts" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of shortcuts" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 7F3AD249882C08B8647088E3B2BAE57EC9CB22F2 ~~~~~ 'Computer Configuration/Administrative Templates/Microsoft Edge/Allow importing of shortcuts' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: ImportShortcuts Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235741 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | AutoplayAllowed must be set to disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow media autoplay for websites" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "AutoplayAllowed" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow media autoplay for websites" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 7B48931F199FBAC2686E7530ADC669B50010403D ~~~~~ 'Allow media autoplay for websites' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: AutoplayAllowed Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235742 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | WebUSB must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Content settings/Control use of the WebUSB API" must be set to "enabled" with the option value set to "Do not allow any site to request access to USB devices via the WebUSB API". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "DefaultWebUsbGuardSetting" is not set to "REG_DWORD = 2", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Content settings/Control use of the WebUSB API" to enabled" and select "Do not allow any site to request access to USB devices via the WebUSB API". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 38497FE6B80E6BB81740D721841068941DA03567 ~~~~~ 'Control use of the WebUSB API' is Enabled with 'Do not allow any site to request access to USB devices via the WebUSB API' Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: DefaultWebUsbGuardSetting Value: 0x00000002 (2) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235743 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Google Cast must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Cast/Enable Google Cast" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "EnableMediaRouter" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Cast/Enable Google Cast" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 1528C14AEEB65CCC54DF466080527EB385DF1760 ~~~~~ 'Enable Google Cast' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: EnableMediaRouter Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235744 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Web Bluetooth API must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Content settings/Control use of the Web Bluetooth API" must be set to "enabled" with the option value set to "Do not allow any site to request access to Bluetooth devices via the Web Bluetooth API". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "DefaultWebBluetoothGuardSetting" is not set to "REG_DWORD = 2", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Content settings/Control use of the Web Bluetooth API" to "enabled" with the option value set to "Do not allow any site to request access to Bluetooth devices via the Web Bluetooth API. Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 77C9F2CFAD6FB07DF15769E13BF655A14D6EC237 ~~~~~ 'Control use of the Web Bluetooth API' is Enabled with 'Do not allow any site to request access to Bluetooth devices via the Web Bluetooth API' Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: DefaultWebBluetoothGuardSetting Value: 0x00000002 (2) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235745 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Autofill for Credit Cards must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable AutoFill for credit cards" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "AutofillCreditCardEnabled" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable AutoFill for credit cards" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: D09B8C1D767D0AF121E2C7FBFDF4C858A96F2B8A ~~~~~ 'Enable AutoFill for credit cards' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: AutofillCreditCardEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235746 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Autofill for addresses must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable AutoFill for addresses" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "AutofillAddressEnabled" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable AutoFill for addresses" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: B2677DF844BBD760C645DA2D8809408E9415C159 ~~~~~ 'Enable AutoFill for addresses' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: AutofillAddressEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235747 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Online revocation checks must be performed. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable online OCSP/CRL checks" must be set to "Enabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "EnableOnlineRevocationChecks" is not set to "REG_DWORD = 1", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable online OCSP/CRL checks" to "Enabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 759AF9B5A64AFD60ADA201529452464B1D8B669F ~~~~~ 'Enable online OCSP/CRL checks' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: EnableOnlineRevocationChecks Value: 0x00000001 (1) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235748 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Personalization of ads, search, and news by sendin... | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow personalization of ads, search and news by sending browsing history to Microsoft" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "PersonalizationReportingEnabled" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow personalization of ads, search and news by sending browsing history to Microsoft" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: B9CCB256B27A09591F64025AEF672F537D8DC814 ~~~~~ 'Allow personalization of ads, search and news by sending browsing history to Microsoft' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: PersonalizationReportingEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235749 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Site tracking of a user’s location must be disable... | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Content settings/Default geolocation setting" must be set to "enabled" with the option value set to "Don't allow any site to track users' physical location". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "DefaultGeolocationSetting" is not set to "REG_DWORD = 2", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Content settings/Default geolocation setting" to "enabled" and select "Don't allow any site to track users' physical location". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: DBF4B8660CC702E433B75A2A859CD9E4E1FC7B5F ~~~~~ 'Computer Configuration/Administrative Templates/Microsoft Edge/Content settings/Default geolocation setting' is Enabled with 'Don't allow any site to track users' physical location' Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: DefaultGeolocationSetting Value: 0x00000002 (2) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235750 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Browser history must be saved. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable deleting browser and download history" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "AllowDeletingBrowserHistory" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable deleting browser and download history" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: BB37C332F0F43CE9B237493C3740BF5AFCDB70DB ~~~~~ 'Computer Configuration/Administrative Templates/Microsoft Edge/Enable deleting browser and download history' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: AllowDeletingBrowserHistory Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235754 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Extensions installation must be blocklisted by def... | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Extensions/Control which extensions cannot be installed" must be set to "Enabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge\ExtensionInstallBlocklist\1 If the value for "1" is not set to "REG_SZ = *", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Extensions/Control which extensions cannot be installed" to "Enabled". A list of blocklisted extensions may then be specified. Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 4097A18D2792A95FE262E20A225523C05426B446 ~~~~~ 'Control which extensions cannot be installed' is Enabled (With '*' added to the list) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge\ExtensionInstallBlocklist Value Name: 1 Value: * Type: REG_SZ
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235756 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | The Password Manager must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Password manager and protection/Enable saving passwords to the password manager" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "PasswordManagerEnabled" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Password manager and protection/Enable saving passwords to the password manager" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 7BCE53DE564BDFF816DA0D34AF460FA8B5561B18 ~~~~~ 'Enable saving passwords to the password manager' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: PasswordManagerEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235760 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Site isolation for every site must be enabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable site isolation for every site" must be set to "enabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "SitePerProcess" is not set to "REG_DWORD = 1", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable site isolation for every site" to "enabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: CDC59BF3B7F9E172DADA2D5A1B99AD5112919D25 ~~~~~ 'Enable site isolation for every site' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: SitePerProcess Value: 0x00000001 (1) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235761 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Supported authentication schemes must be configure... | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/HTTP authentication/Supported authentication schemes" must be set to "ntlm,negotiate". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "AuthSchemes" is not set to "REG_SZ = ntlm,negotiate", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/HTTP authentication/Supported authentication schemes" to "ntlm,negotiate". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: D729C535227E8041CCECF0203A782A4147B1857A ~~~~~ 'Supported authentication schemes' is Enabled with 'ntlm,negotiate' Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: AuthSchemes Value: ntlm,negotiate Type: REG_SZ
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235763 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Microsoft Defender SmartScreen must be enabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Configure Microsoft Defender SmartScreen" must be set to "Enabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "SmartScreenEnabled" is not set to "REG_DWORD = 1", this is a finding. If this machine is on SIPRNet, this is Not Applicable. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Configure Microsoft Defender SmartScreen" to "Enabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 0FE1775D93652DFC1E9031585F819F9158C92E5A ~~~~~ 'Configure Microsoft Defender SmartScreen' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: SmartScreenEnabled Value: 0x00000001 (1) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235764 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Microsoft Defender SmartScreen must be configured ... | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Configure Microsoft Defender SmartScreen to block potentially unwanted apps" must be set to "Enabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for SmartScreenPuaEnabled is not set to "REG_DWORD = 1", this is a finding. If this machine is on SIPRNet, this is Not Applicable. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Configure Microsoft Defender SmartScreen to block potentially unwanted apps" to "Enabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: AF7BFAF51876CD911EA583D31A1AB2F474242704 ~~~~~ 'Configure Microsoft Defender SmartScreen to block potentially unwanted apps' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: SmartScreenPuaEnabled Value: 0x00000001 (1) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235766 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Tracking of browsing activity must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Block tracking of users' web-browsing activity" must be set to "Enabled" with the option value set to "Balanced" or "Strict". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "TrackingPrevention" is not set to "REG_DWORD = 2" or "REG_DWORD = 3", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Block tracking of users' web-browsing activity" to "Balanced" or "Strict". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: BFB209185613574AFDC8D1FDCE5645138B8F0AF6 ~~~~~ 'Block tracking of users' web-browsing activity' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: TrackingPrevention Value: 0x00000002 (2) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235767 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | A website's ability to query for payment methods m... | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow websites to query for available payment methods" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for PaymentMethodQueryEnabled is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow websites to query for available payment methods" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: F85BD56BBF7FAFBC610EBA052F199608B6E3DE06 ~~~~~ 'Allow websites to query for available payment methods' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: PaymentMethodQueryEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235768 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Suggestions of similar web pages in the event of a... | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Suggest similar pages when a webpage can't be found" must be set to "Disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for AlternateErrorPagesEnabled is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Suggest similar pages when a webpage can't be found" to "Disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 5FE8B17D491D95624AA3D36520DEE4CABCA519E7 ~~~~~ 'Suggest similar pages when a webpage can't be found' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: AlternateErrorPagesEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235769 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | User feedback must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow user feedback" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for UserFeedbackAllowed is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow user feedback" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: A9C3CB492BC4DCF667581F324F2BF3C87024DD4D ~~~~~ 'Allow user feedback' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: UserFeedbackAllowed Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235770 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | The collections feature must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable the Collections feature" must be set to "Disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "EdgeCollectionsEnabled" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable the Collections feature" to "Disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 2D6CF3DC871908B27103BD2A0AADA788DC08FE5D ~~~~~ 'Enable the Collections feature' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: EdgeCollectionsEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235771 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | The Share Experience feature must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Configure the Share experience" must be set to "enabled" with the option value set to "Don't allow using the Share experience". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "ConfigureShare" is not set to "REG_DWORD = 1", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Configure the Share experience" to "Don't allow using the Share experience". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: AF9F31C9048C1464BABE364BC395F8BF0F0D2874 ~~~~~ 'Configure the Share experience' is Enabled with 'Don't allow using the Share experience' Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: ConfigureShare Value: 0x00000001 (1) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235772 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Guest mode must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable guest mode" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "BrowserGuestModeEnabled" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Enable guest mode" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: C41C1EBCD929E62126289710DB0512B0C3589702 ~~~~~ 'Enable guest mode' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: BrowserGuestModeEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235773 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Relaunch notification must be required. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Notify a user that a browser restart is recommended or required for pending updates" must be set to "Enabled" with the option value set to "Required". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "RelaunchNotification" is not set to "REG_DWORD = 2", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Notify a user that a browser restart is recommended or required for pending updates" web-browsing activity to "Required". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: B57A03559EAFB980D5E9D52175B1F7A68F888C51 ~~~~~ 'Notify a user that a browser restart is recommended or required for pending updates' is Enabled with 'Required' Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: RelaunchNotification Value: 0x00000002 (2) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-235774 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | The built-in DNS client must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Use built-in DNS client" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "BuiltInDnsClientEnabled" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Use built-in DNS client" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: B76F0C6311068EC7685D073365C478451F16B7A8 ~~~~~ 'Use built-in DNS client' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: BuiltInDnsClientEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-246736 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Use of the QUIC protocol must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow QUIC protocol" must be set to "Disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "QuicAllowed" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Allow QUIC protocol" to "Disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 9F96AAF9C4DC4B5A831AA5160BD50D280B3F5EC2 ~~~~~ 'Allow QUIC protocol' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: QuicAllowed Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-260465 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Visual Search must be disabled. | - | |||
Check TextVerify the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Visual search enabled" is set to "Disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "VisualSearchEnabled" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Visual search enabled" to "Disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 78DBF7703C4344E1C9FEC6958B7770D32210875B ~~~~~ 'Visual search enabled' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: VisualSearchEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-260466 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Copilot must be disabled. | - | |||
Check TextVerify the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Show Hubs Sidebar" is set to "Disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "HubsSidebarEnabled" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Show Hubs Sidebar" to "Disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: E2685576C3025DD255C16A3C12819DC1828509E9 ~~~~~ 'Show Hubs Sidebar' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: HubsSidebarEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-260467 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Session only-based cookies must be enabled. | - | |||
Check TextVerify the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Content settings/Configure cookies" is set to "Enabled" with the option value set to "Keep cookies for the duration of the session, except ones listed in 'SaveCookiesOnExit'". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for “DefaultCookiesSetting” is not set to "REG_DWORD = 4", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Content settings/Configure cookies" to "Enabled" with the option value set to "Keep cookies for the duration of the session, except ones listed in 'SaveCookiesOnExit'". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: CC86029292DF41B85ACCCA8CD609A962C4964A04 ~~~~~ 'Configure cookies' is Enabled: (Keep cookies for the duration of the session, except ones listed in 'SaveCookiesOnExit') Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: DefaultCookiesSetting Value: 0x00000004 (4) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-266981 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | FriendlyURLs must be disabled. | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Configure the default paste format of URLs copied from Microsoft Edge and determine if additional formats will be available to users" must be set to "enabled" with the option value set to "The plain URL without any extra information, such as the page´s title. This is the recommended option when this policy is configured. For more information, see the description.". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "ConfigureFriendlyURLFormat" is not set to "REG_DWORD = 1", this is a finding. Fix TextSet the policy value for "Computer Configuration/Administrative Templates/Microsoft EdgeConfigure the default paste format of URLs copied from Microsoft Edge, and determine if additional formats will be available to users" to "enabled" and select "The plain URL without any extra information, such as the page´s title. This is the recommended option when this policy is configured. For more information, see the description." Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: D584CFBF4BC3ECBB5AAA9121E3B5A91B09C02156 ~~~~~ 'Configure the default paste format of URLs copied from Microsoft Edge, and determine if additional formats will be available to users' is Enabled: (The plain URL without any extra information, such as the page's title.) Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: ConfigureFriendlyURLFormat Value: 0x00000001 (1) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||
| V-279940 | CAT II | SCHR-P3-DP-001 | Microsoft Edge Security Technical Implem... | Access to Microsoft 365 Copilot writing assistance... | - | |||
Check TextThe policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Control access to Microsoft 365 Copilot writing assistance in Microsoft Edge for Business" must be set to "disabled". Use the Windows Registry Editor to navigate to the following key: HKLM\SOFTWARE\Policies\Microsoft\Edge If the value for "ComposeInlineEnabled" is not set to "REG_DWORD = 0", this is a finding. Fix TextSet the policy value for "Control access to Microsoft 365 Copilot writing assistance in Microsoft Edge for Business" to "disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-MicrosoftEdge_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 502C8B71437749D29CB3E33985BDF72B0D30248E ~~~~~ 'Control access to Microsoft 365 Copilot writing assistance in Microsoft Edge for Business' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Edge Value Name: ComposeInlineEnabled Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_MSEdge_V2R4_20260305-132826.cklb
Scan Date: 2026-03-12T15:38:14.495854
Technology Area: Windows Operating System
|
||||||||