Checklist Summary:

The Internet Explorer (IE) 8 Overview, along with the IE 8 and Windows Desktop Application Security Technical Implementation Guides (STIGs), provides the technical security policies, requirements, and implementation details for applying security concepts to Commercial-Off-The-Shelf (COTS) applications.

Checklist Role:

• Web Browser

Known Issues:

Not provided.

Target Audience:

The requirements and recommendations set forth in this document will assist IAOs and Information Assurance Managers (IAMs) in protecting desktop applications in DoD locations hereafter referred to as sites. The responsible Configuration Control Board (CCB) will approve revisions to site systems that could have a security impact. Therefore, before implementing desktop application security measures, the IAO will submit a change notice to the CCB for review and approval. Although there are a few different operating system platforms for desktop environments, this document addresses applications running on Microsoft Windows platforms. This document does not include specific guidance for UNIX, Linux, or Apple desktop environments at this time. The security requirements detailed in this document apply to applications installed on Microsoft Windows Server platforms as well as Microsoft Windows Workstation platforms. On server platforms, the security configuration parameters will be set to at least as restrictive values as those listed in this document.

Target Operational Environment:

• Managed
• Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

DoDD 8500.1

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

It must be noted that the guidelines specified should be evaluated in a local, representative test environment before implementation within large user populations. The extensive variety of environments makes it impossible to test these guidelines for all potential software configurations. For some environments, failure to test before implementation may lead to a loss of required functionality.

Product Support:

Not provided.

Point of Contact:

disa.letterkenny.FSO.mbx.stig-customer-support-mailbox@mail.mil

Sponsor:

Not provided.

Licensing:

Not provided.

Change History:

Changed status from "Under Review" to "Final" - 03 June 2015
Version 1, Release 14 - 25 July 2014 (XCCDF only)
Version 1, Release 13 - 25 April 2014 (XCCDF only)
Version 1, Release 12 - 24 January 2014 (XCCDF only)
Version 1, Release 11 - 24 January 2014 (Benchmark)
Version 1, Release 11 - 25 October 2013 (XCCDF only)
Version 1, Release 10 - 26 July 2013
Version 1, Release 10 - 26 April 2013
Version 1, Release 9 - 25 January 2013 
Version 1, Release 8 - 26 October 2012
Version 1, Release 7 - 27 July 2012
Version 1, Release 6 - 27 April 2012
Version 1, Release 5 - 29 April 2011
Version 1, Release 4 - 28 January 2011
Version 1, Release 3 - 27 August 2010
Version 1, Release 2 - 25 June 2010
Version 1, Release 0 - 30 May 2010
Version 1, Release 15 - 30 October 2014
Version 1, Release 16
Updated "Point of Contact" - 08 January 2015
Version 1, Release 17 - 23 January 2015

Dependency/Requirements:

URL	Description
http://iase.disa.mil/stigs/Documents/unclassified_internet_explorer_8_release_memo.pdf	Internet Explorer 8 STIG Release Memo

References:

Reference URL	Description

NIST checklist record last modified on 06/03/2015