Back

Configure the "Allow status bar updates via script" setting in limited functionality environments properly.


CONTROL ID
04425
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Configure Internet Browser security options according to organizational standards., CC ID: 02166

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • This setting determines if scripts can update the status bar. For Enterprise Client environments, the Allow Status Bar Updates Via Script setting is Not Configured. For Specialized Security - Limited Functionality environments, this setting should be set to Disabled. This setting is applicable to th… (Pg 111, Microsoft Windows Vista Security Guide Appendix A: Security Group Policy Settings)
  • The "Allow status bar updates via script" machine setting should be configured correctly for the Internet Zone. Technical Mechanisms: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Allow status bar upd… (CCE-9750-1, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • Disable the Allow Status Bar Updates Via Script setting for limited functionality environments (oval:gov.nist.fdcc.ie7:def:226, oval:gov.nist.fdcc.ie7:def:378, oval:gov.nist.fdcc.ie7:def:118399, FDCC Windows IE7 SCAP content using OVAL (fdcc-ie7-oval.xml, fdcc-ie7-patches.xml), Version 5.4)
  • Allow status bar updates via script - Internet Zone - Local Computer (allow_status_bar_updates_via_script_internet_zone_local_computer, NIST SCAP Microsoft Internet Explorer Version 7 (fdcc-ie7-xccdf.xml), FDCC IE7 (1.2) SCAP Content - OVAL 5.4)
  • Allow status bar updates via script - Restricted Sites Zone - Local Computer (AllowStatusBarUpdatesViaScript_RestrictedSitesZone_LocalComputer, NIST SCAP Microsoft Internet Explorer Version 7 (fdcc-ie7-xccdf.xml), FDCC IE7 (1.2) SCAP Content - OVAL 5.4)
  • Allow Status Bar Updates Via Script - Locked Down Trusted Sites Zone - Local Computer (AllowStatusBarUpdatesViaScript_LockedDowntrusted_sites_zone_local_computer, NIST SCAP Microsoft Internet Explorer Version 7 (fdcc-ie7-xccdf.xml), FDCC IE7 (1.2) SCAP Content - OVAL 5.4)
  • This policy setting allows you to manage whether script is allowed to update the status bar within the zone. If you enable this policy setting, script is allowed to update the status bar. (xccdf_gov.nist_rule_AllowStatusBarUpdatesViaScript_InternetZone_LocalComputer, oval:gov.nist.USGCB.ie7:def:31024, oval:gov.nist.USGCB.ie7:tst:31024, oval:gov.nist.USGCB.ie7:obj:31024, oval:gov.nist.USGCB.ie7:ste:31024, USGCB: Guidance for Securing Microsoft Internet Explorer 7, v1.2.3.1)
  • This policy setting allows you to manage whether script is allowed to update the status bar within the zone. If you enable this policy setting, script is allowed to update the status bar. (xccdf_gov.nist_rule_AllowStatusBarUpdatesViaScript_InternetZone_LocalComputer, oval:gov.nist.USGCB.ie8:def:31024, oval:gov.nist.USGCB.ie8:tst:31024, oval:gov.nist.USGCB.ie8:obj:31024, oval:gov.nist.USGCB.ie8:ste:31024, USGCB: Guidance for Securing Microsoft Internet Explorer 8, v1.2.3.1)