Skip to content

Microsoft Edge Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Relaunch notification must be required.

    <VulnDiscussion>Users must be required to restart the browser to finish installation of pending updates and prevent users from continually us...
    Rule Medium Severity
  • SRG-APP-000157

    <GroupDescription></GroupDescription>
    Group
  • The built-in DNS client must be disabled.

    &lt;VulnDiscussion&gt;This setting controls whether to use the built-in DNS client. This does not affect which DNS servers are used; it only contr...
    Rule Medium Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Use of the QUIC protocol must be disabled.

    &lt;VulnDiscussion&gt;QUIC is used by more than half of all connections from the Edge web browser to Google's servers, and this activity is undesir...
    Rule Medium Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • The list of domains media autoplay allows must be allowlisted if used.

    &lt;VulnDiscussion&gt;Define a list of sites, based on URL patterns, that are allowed to autoplay media. If this policy is not configured, the glo...
    Rule Low Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Visual Search must be disabled.

    &lt;VulnDiscussion&gt;Visual Search allows for quick exploration of more related content about entities in an image. If this policy is enabled or ...
    Rule Medium Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • Copilot must be disabled.

    &lt;VulnDiscussion&gt;The Sidebar is a launcher bar on the right side of Microsoft Edge's screen. If this policy is enabled or not configured, the...
    Rule Medium Severity
  • SRG-APP-000080

    <GroupDescription></GroupDescription>
    Group
  • Session only-based cookies must be enabled.

    &lt;VulnDiscussion&gt;Cookies must only be allowed per session and only for approved URLs as permanently stored cookies can be used for malicious i...
    Rule Medium Severity
  • SRG-APP-000141

    <GroupDescription></GroupDescription>
    Group
  • FriendlyURLs must be disabled.

    &lt;VulnDiscussion&gt;If FriendlyURLs are enabled, Microsoft Edge will compute additional representations of the URL and place them on the clipboar...
    Rule Medium Severity
  • Site tracking of a user’s location must be disabled.

    &lt;VulnDiscussion&gt;Set whether websites can track users' physical locations. Tracking can be allowed by default ("AllowGeolocation") or denied b...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules