DTBI114 - The Initialize and script ActiveX controls not marked as safe property must be disallowed (Restricted Site zone).

Information

ActiveX controls not marked safe for scripting should not be executed. Although this is not a complete security measure for a control to be marked safe for scripting, if a control is not marked safe, it should not be initialized and executed.

Solution

Set the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Control Panel -> Security Page -> Restricted Sites Zone -> 'Initialize and script ActiveX controls not marked as safe' to 'Enabled' and select 'Disable' from the drop-down box.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Microsoft_IE9_V1R15_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-18(4), CAT|II, Rule-ID|SV-40588r1_rule, STIG-ID|DTBI114, Vuln-ID|V-6291

Plugin: Windows

Control ID: 45ccaf0e9729d22ce736bf1ce5f48d8239b86bf5453bb74cf0c27b1c1a9764b5