Plugins that require authorization are allowed to run without user permission
Description
Unauthorized plugins can compromise security. Disable "Always runs plugins that require authorization", so that the users will be asked for permission to run plugins that require authorization.
Severity
Critical
Category
Chrome Security Hardening
Resolution
Follow the below steps in GPO to resolve the misconfiguration.
Windows group policy:
1. Open the group policy editor tool with gpedit.mscĀ
2. Navigate to Policy Path: Computer ConfigurationAdministrative TemplatesGoogleGoogle Chrome Policy Name: Always runs plugins that require authorization Policy State: Disabled Policy Value: N/A
Does remediation require reboot?
No
Vulnerability Manager Plus tracks security configurations and remediate misconfigurations in your network systems from a centralized console. View a list of all the security misconfigurations detected by Vulnerability Manager Plus.