Back

Configure the "Launching applications and files in an IFRAME" setting in limited functionality environments properly.


CONTROL ID
04431
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Configure Internet Browser security options according to organizational standards., CC ID: 02166

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • This setting determines if files can be downloaded and applications run from an IFRAME. For Enterprise Client environments, the Launching Applications And Files In An IFRAME setting is Not Configured. For Specialized Security - Limited Functionality environments, this setting should be set to Enable… (Pg 112, Microsoft Windows Vista Security Guide Appendix A: Security Group Policy Settings)
  • The "Launching programs and files in an IFRAME" setting should be configured correctly for the Internet Zone. Technical Mechanisms: Local Internet Options: GPO Settings:[Computer Configuration | User Configuration]/Network/Internet Explorer/Internet Control Panel/Security Page/Internet Zone Regis… (CCE-4104-6, Common Configuration Enumeration List, Combined XML: Internet Explorer 7, 5.20130214)
  • The "Launching applications and files in an IFRAME" machine setting should be configured correctly for the Restricted Sites Zone. Technical Mechanisms: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites… (CCE-10360-6, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • The "Launching applications and files in an IFRAME" machine setting should be configured correctly for the Internet Zone. Technical Mechanisms: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone\Launching … (CCE-9821-0, Common Configuration Enumeration List, Combined XML: Microsoft Internet Explorer 8, 5.20130214)
  • Disable the Launching Applications And Files In An IFRAME setting in a limited functionality environment (oval:gov.nist.fdcc.ie7:def:611, oval:gov.nist.fdcc.ie7:def:274, FDCC Windows IE7 SCAP content using OVAL (fdcc-ie7-oval.xml, fdcc-ie7-patches.xml), Version 5.4)
  • Launching applications and files in an IFRAME - Internet Zone - Local Computer (LaunchingApplicationsAndFilesInIFRAME_InternetZone_LocalComputer, NIST SCAP Microsoft Internet Explorer Version 7 (fdcc-ie7-xccdf.xml), FDCC IE7 (1.2) SCAP Content - OVAL 5.4)
  • Launching applications and files in an IFRAME - Restricted Sites Zone - Local Computer (LaunchingApplicationsAndFilesInIFRAME_RestrictedSitesZone_LocalComputer, NIST SCAP Microsoft Internet Explorer Version 7 (fdcc-ie7-xccdf.xml), FDCC IE7 (1.2) SCAP Content - OVAL 5.4)
  • This policy setting allows you to manage whether applications may be run and files may be downloaded from an IFRAME reference in the HTML of the pages in this zone. (xccdf_gov.nist_rule_LaunchingApplicationsAndFilesInIFRAME_InternetZone_LocalComputer, oval:gov.nist.USGCB.ie7:def:611, oval:gov.nist.USGCB.ie7:tst:3364, oval:gov.nist.USGCB.ie7:obj:76, oval:gov.nist.USGCB.ie7:ste:3605, USGCB: Guidance for Securing Microsoft Internet Explorer 7, v1.2.3.1)
  • This policy setting allows you to manage whether applications may be run and files may be downloaded from an IFRAME reference in the HTML of the pages in this zone. (xccdf_gov.nist_rule_LaunchingApplicationsAndFilesInIFRAME_RestrictedSitesZone_LocalComputer, oval:gov.nist.USGCB.ie7:def:274, oval:gov.nist.USGCB.ie7:tst:4087, oval:gov.nist.USGCB.ie7:obj:182, oval:gov.nist.USGCB.ie7:ste:3513, USGCB: Guidance for Securing Microsoft Internet Explorer 7, v1.2.3.1)
  • This policy setting allows you to manage whether applications may be run and files may be downloaded from an IFRAME reference in the HTML of the pages in this zone. (xccdf_gov.nist_rule_LaunchingApplicationsAndFilesInIFRAME_InternetZone_LocalComputer, oval:gov.nist.USGCB.ie8:def:31030, oval:gov.nist.USGCB.ie8:tst:31030, oval:gov.nist.USGCB.ie8:obj:31030, oval:gov.nist.USGCB.ie8:ste:31030, USGCB: Guidance for Securing Microsoft Internet Explorer 8, v1.2.3.1)
  • This policy setting allows you to manage whether applications may be run and files may be downloaded from an IFRAME reference in the HTML of the pages in this zone. (xccdf_gov.nist_rule_LaunchingApplicationsAndFilesInIFRAME_RestrictedSitesZone_LocalComputer, oval:gov.nist.USGCB.ie8:def:31068, oval:gov.nist.USGCB.ie8:tst:31068, oval:gov.nist.USGCB.ie8:obj:31068, oval:gov.nist.USGCB.ie8:ste:31068, USGCB: Guidance for Securing Microsoft Internet Explorer 8, v1.2.3.1)