DTBC-0058 - WebUSB must be disabled.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Allows you to set whether websites are allowed to get access to connected USB devices. Access can be completely blocked, or the user can be asked every time a website wants to get access to connected USB devices.
If this policy is left not set, '3' will be used, and the user will be able to change it.
2 = Do not allow any site to request access to USB devices via the WebUSB API
3 = Allow sites to ask the user to grant access to a connected USB device

Solution

Windows group policy:
1. Open the 'group policy editor' tool with gpedit.msc
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\Content Settings
Policy Name: Control use of the WebUSB API
Policy State: Enabled
Policy Value: 2

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Google_Chrome_V2R6_STIG.zip

Item Details

References: CAT|II, CCI|CCI-000381, Rule-ID|SV-221591r615937_rule, STIG-ID|DTBC-0058, STIG-Legacy|SV-96301, STIG-Legacy|V-81587, Vuln-ID|V-221591

Plugin: Windows

Control ID: 38c57f713d0cce18c5b6fb475b4cbe238e4208ce4ac4d460d209a60030f7e79d