DTBI460 - Loose XAML files must be disallowed (Restricted Sites zone).

Information

These are eXtensible Application Markup Language (XAML) files. XAML is an XML-based declarative markup language commonly used for creating rich user interfaces and graphics that leverage the Windows Presentation Foundation. If you enable this policy setting and the dropdown box is set to Enable, XAML files will be automatically loaded inside Internet Explorer. Users will not be able to change this behavior. If the dropdown box is set to Prompt, users will receive a prompt for loading XAML files. If you disable this policy setting, XAML files will not be loaded inside Internet Explorer. Users will not be able to change this behavior. If you do not configure this policy setting, users will have the freedom to decide whether to load XAML files inside Internet Explorer.

Solution

Set the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Control Panel -> Security Page -> Restricted Sites Zone -> 'Loose XAML files' to 'Enabled' and select 'Disable' from the drop-down box.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Microsoft_IE9_V1R15_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-18(3), CAT|II, CCE|CCE-639, Rule-ID|SV-40644r1_rule, STIG-ID|DTBI460, Vuln-ID|V-15522

Plugin: Windows

Control ID: 0a65ae271917f13a5aa8ea5bed79223e2ceb6123683ac0949c70583a7cfac864