U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Internet Explorer 11 STIG Ver 2, Rel 5 Checklist Details (Checklist Revisions)

SCAP 1.2 Content:

Supporting Resources:

Target:

Target CPE Name
Microsoft Internet Explorer 11 cpe:/a:microsoft:internet_explorer:11:- (View CVEs)

Checklist Highlights

Checklist Name:
Internet Explorer 11 STIG
Checklist ID:
492
Version:
Ver 2, Rel 5
Type:
Compliance
Review Status:
Final
Authority:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:
02/28/2017

Checklist Summary:

The Internet Explorer (IE) 11 Overview, along with the IE11 Security Technical Implementation Guide (STIG), provides the technical security policies, requirements, and implementation details for applying security concepts to Microsoft Internet Explorer 11 web browser. The IE11 web browser utilizes mobile code and Public Key Infrastructure (PKI) technologies to enable some of its features. The requirements described in this document are designed to implement the applicable Department of Defense (DoD) polices for those technologies. These policies are described in the Use of Mobile Code Technologies in Department of Defense (DoD) Information Systems (later referred to as the DoD Mobile Code Policy) and the Department of Defense Instruction, “Department of Defense (DoD) Public Key Infrastructure (PKI) and Public Key (PK) Enabling documents.

Checklist Role:

  • Web Browser

Known Issues:

Not Provided

Target Audience:

Not Provided

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

The Microsoft IE11 STIG was developed using a Microsoft Internet Explorer 11 installation on a system running Microsoft Windows 8.

Regulatory Compliance:

DoD Instruction (DoDI) 8500.01

Comments/Warnings/Miscellaneous:

Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document. Approved changes will be made in accordance with the DISA FSO maintenance release schedule.

Disclaimer:

Not Provided

Product Support:

Not Provided

Point of Contact:

Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document. Approved changes will be made in accordance with the DISA FSO maintenance release schedule.

Sponsor:

Not Provided

Licensing:

Not Provided

Change History:

Version 1, Release 6 - 03 August 2015
Updated status from "under review" to "final" - 22 June 2015
Version 1, Release 1 - 18 May 2014
Version 1, Release 2 - 30 October 2014
Version 1, Release 3 - 15 December 2014
Resubmit to change status to final
Version 1, Release 4 - 23 January 2015
Version 1, Release 6 - 03 August 2015
Changed status from "under review" to "final" - 11 September 2015
Version 1, Release 7 - 29 January 2016
3/8/2016 - Promote to Final
4/27/2016 - version 1 release 8
moved to FINAL - 6/7/2016
updated to v1, r9 - 07/22/2016
Updated to FINAL - 09/12/2016
Updated STIG to V1, R10 - 10-28-2016
updated to FINAL - 12/07/2016
Updated to Version 1, Release 11 - 01/27/2017
Updated to FINAL - 03/08/2017
Updated to Version 1, Release 12 - 02/28/2017
Update to FINAL - 04/24/2017
null
Updated URL to reflect change to the DISA website - http --> https
updated to v1,r14 - 02/16/2018
Updated to FINAL - 3/18/2018
updated to v1,r15 - 4/25/18
Updated to FINAL - 5/25/18
updated to Version 1, Release 16 - 7/24/18
Added GPOs - 8/6/18
Updated to FINAL - 9/6/2018
Updated GPO Resource - 11/29/2018
Corrected SHA for GPO file - 12/19/2018
updated GPO file - 2/8/19
Status Updated to FINAL - 3/8/19
updated to Ver 1, Rel 17 - 4/30/19
Updated GPO resource - 5/2/19
Updated to FINAL  - 6/4/19
Updated URLs - 6/7/19
Updated URLs - 6/17/19
Updated GPO Package - 8/14/19
Updated GPO file - 10/31/19
updated URLs - 11/1/19
updated URLs per DISA - 1/21/2020
Updated GPO file per DISA - 1/29/2020
Updated GPO file per DISA - 2/3/2020
updated GPO file - 3/6/2020
updated resource title per DISA - 3/12/2020
updated GPO file - 4/27/2020
updated GPO file per DISA - 7/7/2020
updated URLs - 8/3/2020
Updated GPO file per DISA - 8/5/2020
updated GPO file - 10/29/2020
Updated GPO - 12/4/2020
Updated GPO per DISA - 1/28/21
Updated GPO per DISA - 3/1/21
added SCC links per DISA guidance - 4/20/2021
Updated GPO per DISA - 5/12/21
Updated resources per DISA - 5/25/21
updated benchmark - 7/28/2021
Updated GPO - 8/9/21
null
Updated GPO per DISA - 8/24/21
updated SCC tool per DISA - 9/16/2021
updated URLs - 10/27/2021
updated GPO files - 11/22/2021
Updated GPO per DISA - 2/17/22
Updated GPO per DISA - 5/2/22
null
Updated GPO per DISA - 5/29/22
null
Updated SCC per DISA - 6/14/22
Updated resource per DISA - 8/1/22
null
null
SCC - 10/13/22
Updated resource per DISA - 10/26/22
updated GPO file - 11/7/22
updated URLs - 11/15/2022
updated URLs per DISA - 1/17/2023
updated GPO file - 1/31/2023
updated SCC content - 2/3/2023
 updated SCC content - 3/9/2023
Updated resource per DISA - 4/27/23
Updated GPO per DISA - 5/1/23
updated SCC content - 6/22/23
updated SHA - 7/27/23
Updated GPO per DISA - 7/31/23
Updated GPO per DISA - 8/21/23
Updated SCC per DISA - 9/21/23
Updated GPO per DISA - 11/2/23
Corrected SHA discrepancy - 11/3/2023
updated URLs - 1/26/24
SHA - 2/7/24
Updated SCC Resources - 4/19/24
Updated Resources - 06/10/2024
Resource updated - 08/27/2024

Dependency/Requirements:

URL Description

References:

Reference URL Description

NIST checklist record last modified on 08/27/2024