EDGE-00-000047 – Site isolation for every site must be enabled.

Details

The ‘SitePerProcess’ policy can be used to prevent users from opting out of the default behavior of isolating all sites. The ‘IsolateOrigins’ policy can be used to isolate additional, finer-grained origins.

Enabling this policy prevents users from opting out of the default behavior where each site runs in its own process.

If this policy is not disabled or configured, a user can opt out of site isolation (e.g., by using ‘Disable site isolation’ entry in edge://flags.) Disabling the policy or not configuring the policy does not turn off Site Isolation.

Solution

Set the policy value for ‘Computer Configuration/Administrative Templates/Microsoft Edge/Enable site isolation for every site’ to ‘enabled’.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Edge_V1R4_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.

References

800-53|CM-7a.
CAT|II
CCI|CCI-000381
Rule-ID|SV-235760r626523_rule
STIG-ID|EDGE-00-000047
Vuln-ID|V-235760

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles