1.92 (L1) Ensure 'Enable browser legacy extension point blocking' is set to 'Enabled'

Information

This policy setting sets the ProcessExtensionPointDisablePolicy on Microsoft Edge's browser process to block code injection from legacy third-party applications.

The recommended state for this setting is: Enabled.

Note: Per Microsoft, only turn off the policy if there are compatibility issues with third-party software that must run inside Microsoft Edge's browser process.

If this policy is set to Disabled, it may have a detrimental effect on Microsoft Edge's security and stability, as unknown and potentially hostile code can load inside Microsoft Edge's browser process.

Solution

To establish the recommended configuration via configuration profiles, set the following Settings Catalog path to Enabled:

Microsoft Edge\Enable browser legacy extension point blocking

Impact:

Compatibility issues with third-party software can occur.

See Also

https://workbench.cisecurity.org/benchmarks/24642

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-16, CSCv7|8.3

Plugin: Windows

Control ID: 144474beb5d5864fa3b46dd3bf60cb395635e9822c3b0e2242d1bb7b025990dc