2.3.1 Ensure 'Blocks external extensions from being installed' is set to 'Enabled'

Information

Enabling this setting blocks external extensions (an extension that is not installed from the Chrome Web Store) from being installed.

The recommended state for this setting is: Enabled (1)

Rationale:

Allowing users to install extensions from other locations (not the Chrome Web Store) can lead to malicious extensions being installed.

Impact:

User will only be allowed to install extension for the Chrome web store.

Solution

To establish the recommended configuration via Group Policy, set the following UI path to Enabled:

Computer Configuration\Polices\Administrative Templates\Google\Google Chrome\Extensions\Blocks external extensions from being installed

Default Value:

Unset (Same as Disabled, but user can change)

See Also

https://workbench.cisecurity.org/benchmarks/8691

Item Details

Category: CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|CM-10, 800-53|CM-11, 800-53|SC-18, CSCv7|7.2

Plugin: Windows

Control ID: 08955d72f60114249bdab9a19a3ecd983264240d20532ad67ef97afd1379e295