18.9.24.3 Ensure 'Default Protections for Internet Explorer' is set to 'Enabled'

Information

This setting determines if recommended EMET mitigations are applied to Internet Explorer.

The recommended state for this setting is: Enabled.

Rationale:

Applying EMET mitigations to Internet Explorer will help reduce the reliability of exploits that target it.

Solution

To establish the recommended configuration via GP, set the following UI path to Enabled:

Computer Configuration\Policies\Administrative Templates\Windows Components\EMET\Default Protections for Internet Explorer

Note: This Group Policy path does not exist by default. An additional Group Policy template (EMET.admx/adml) is required - it is included with Microsoft Enhanced Mitigation Experience Toolkit (EMET).

Impact:

EMET mitigations will be applied to Internet Explorer.

Default Value:

User configured.

See Also

https://workbench.cisecurity.org/files/2700

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7(2), CSCv6|8.4

Plugin: Windows

Control ID: b6886111b14df7d507cbe257f42a547538c7ae5e97a399f70f2b19b8f7553173