Details
If unset, should Chrome Cleanup detect unwanted software, it may report metadata about the scan to Google in accordance with policy set by ‘SafeBrowsingExtendedReportingEnabled’. Chrome Cleanup will then ask the user if they wish to clean up the unwanted software. The user can choose to share results of the cleanup with Google to assist with future unwanted software detection. These results contain file metadata and registry keys as described by the Chrome Privacy Whitepaper.
If set to ‘false’, should Chrome Cleanup detect unwanted software, it will not report metadata about the scan to Google, overriding any policy set by ‘SafeBrowsingExtendedReportingEnabled’. Chrome Cleanup will ask the user if they wish to clean up the unwanted software. Results of the cleanup will not be reported to Google and the user will not have the option to do so.
If set to ‘true’, should Chrome Cleanup detect unwanted software, it may report metadata about the scan to Google in accordance with policy set by ‘SafeBrowsingExtendedReportingEnabled’. Chrome Cleanup will ask the user if they wish to clean up the unwanted software. Results of the cleanup will be reported to Google and the user will not have the option to prevent it.
This policy is available only on Windows instances that are joined to a Microsoft Active Directory domain.
Solution
Windows group policy:
1. Open the ‘group policy editor’ tool with gpedit.msc
2. Navigate to Policy Path: Computer ConfigurationAdministrative TemplatesGoogleGoogle Chrome
Policy Name: Control how Chrome Cleanup reports data to Google
Policy State: Disabled
Policy Value: N/A
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Audit and Accountability.This control applies to the following type of system Windows.
References
- 800-53|AU-12a.
- CAT|II
- CCI|CCI-000169
- Rule-ID|SV-221593r615937_rule
- STIG-ID|DTBC-0061
- STIG-Legacy|SV-96307
- STIG-Legacy|V-81593
- Vuln-ID|V-221593