EDGE-00-000004 - The list of domains for which Microsoft Defender SmartScreen will not trigger warnings must be allowlisted if used.

Information

Configure the list of Microsoft Defender SmartScreen trusted domains. This means Microsoft Defender SmartScreen will not check for potentially malicious resources, such as phishing software and other malware, if the source URLs match these domains. The Microsoft Defender SmartScreen download protection service will not check downloads hosted on these domains.

If this policy is enabled, Microsoft Defender SmartScreen trusts these domains. If the policy is disabled or not set, default Microsoft Defender SmartScreen protection is applied to all resources.

Solution

The policy value for 'Computer Configuration/Administrative Templates/Microsoft Edge/SmartScreen settings/Configure the list of domains for which Microsoft Defender SmartScreen will not trigger warnings' may be set to 'allow' for allowlisted domains.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Edge_V2R1_STIG.zip

Item Details

Category: MAINTENANCE

References: 800-53|MA-3(2), CAT|III, CCI|CCI-000870, Rule-ID|SV-235722r960852_rule, STIG-ID|EDGE-00-000004, Vuln-ID|V-235722

Plugin: Windows

Control ID: fac75d4ba6989f9665338391d0d8def29dd64b0e7918bfec3edac852b6b0864b