Details
Internet Explorer uses Multipurpose Internet Mail Extensions (MIME) data to determine
file handling procedures for files that are received through a Web server. The Consistent
MIME Handling setting determines whether Internet Explorer requires that all file type
information that is provided by Web servers be consistent. For example, if the MIME type
of a file is text/plain but the MIME data indicates that the file is really an executable file,
Internet Explorer changes its extension to reflect this executable status. This capability
helps ensure that executable code cannot masquerade as other types of data that may be
trusted. The recommended state for this setting is- Enabled.
*Rationale*
MIME file type spoofing is a potential threat to your organization. You should ensure that
these files are consistent and properly labeled to help prevent malicious file downloads
that may infect your network.
Note- This policy setting works in conjunction with, but does not replace, the MIME Sniffing
Safety Features settings.
Solution
To establish the recommended configuration via Group Policy, set the following UI path to
Enabled.
Computer ConfigurationAdministrative TemplatesWindows ComponentsInternet
ExplorerSecurity FeaturesConsistent Mime HandlingInternet Explorer Processes
Impact-If you enable this policy setting, Internet Explorer examines all received files and enforces
consistent MIME data for them. If you disable or do not configure this policy setting,
Internet Explorer does not require consistent MIME data for all received files and will use
the MIME data that is provided by the file.
Default Value-Enabled
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.