U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

Google Chrome Browser STIG for Windows Version 2, Release 11 Checklist Details (Checklist Revisions)

SCAP 1.3 Content:

Supporting Resources:

Target:

Target CPE Name
Google Chrome cpe:/a:google:chrome (View CVEs)

Checklist Highlights

Checklist Name:
Google Chrome Browser STIG for Windows
Checklist ID:
483
Version:
Version 2, Release 11
Type:
Compliance
Review Status:
Final
Authority:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:
07/28/2017

Checklist Summary:

The Google Chrome Browser Security Technical Implementation Guide (STIG) for Windows provides the technical security policies, requirements, and implementation details for applying security concepts to the current version of the Google Chrome web browser for Windows. This document and associated STIG are written to address security concerns with version 33 of the Google Chrome Browser and newer, and will be updated as new security concerns are released. The STIG is updated independently of the browser and will never be tied to a specific version of the software due in part to the rapid release cycle of Google, and that not all updates come with new security requirements. The SRG relationship and structure provides the ability to identify requirements that may be considered not applicable for a given technology family and provide appropriate justification. It also provides the structure to identify variations in specific values based on the technology family. These variations will be captured once and will propagate down to the Technology SRGs and then to the STIGs. This will eliminate the need for each product-specific STIG to address items that are not applicable.

Checklist Role:

  • Web Browser

Known Issues:

Not Provided

Target Audience:

Not Provided

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Although there are a few different operating system platforms for desktop environments, this document addresses Google Chrome running on Microsoft Windows platforms only. This document does not include specific guidance for UNIX, Linux, or Apple desktop environments at this time.

Regulatory Compliance:

DoD Instruction (DoDI) 8500.01

Comments/Warnings/Miscellaneous:

Comments or proposed revisions to this document should be sent via e-mail to the following address: [email protected]. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document.

Disclaimer:

Not Provided

Product Support:

Not Provided.

Point of Contact:

[email protected]

Sponsor:

Not Provided

Licensing:

Not Provided

Change History: 



					

						Dependency/Requirements:
					

					

						
							

								URL
								Description
							

						
						
							
						
					


					

						References:
					


					

						
							

								Reference URL
								Description
							

						
						
							
						
					


					

						NIST checklist record last modified on 02/13/2026