DTBC-0058 - WebUSB must be disabled.

Information

Allows you to set whether websites are allowed to get access to connected USB devices. Access can be completely blocked, or the user can be asked every time a website wants to get access to connected USB devices.
If this policy is left not set, '3' will be used, and the user will be able to change it.
2 = Do not allow any site to request access to USB devices via the WebUSB API
3 = Allow sites to ask the user to grant access to a connected USB device

Solution

Windows group policy:
1. Open the 'group policy editor' tool with gpedit.msc
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\Content Settings
Policy Name: Control use of the WebUSB API
Policy State: Enabled
Policy Value: 2

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Google_Chrome_V2R6_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7a., CAT|II, CCI|CCI-000381, Rule-ID|SV-221591r615937_rule, STIG-ID|DTBC-0058, STIG-Legacy|SV-96301, STIG-Legacy|V-81587, Vuln-ID|V-221591

Plugin: Windows

Control ID: c2d0b477ad4eeafadc581616c31279ee4bc4e3d4eff27be72d7511aecc2b338b