mir/Hardware-and-Firmware-Security-Guidance
2
0
Fork 0
mirror of https://github.com/nsacyber/Hardware-and-Firmware-Security-Guidance synced 2025-09-02 23:55:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

add opera checks

Browse Source
This commit is contained in:
iadgovuser1
2018-01-25 13:27:10 -05:00
parent b2ab86997d
commit 3f9ed4c922
3 changed files with 86 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
guidance/windows/Browsers.md
View File

@@ -97,6 +97,6 @@ A custom Nessus audit file is available for scanning browsers on Windows operati
* If Edge exists, then that the Edge patched is installed. - partially implemented
* If Firefox is installed, then that Firefox 57.0.4 or newer is installed.
* If Firefox ESR is installed, then that Firefox 52.6 or newer is installed.
* If Opera is installed, then that Opera 50.0.2762.67 or newer is installed. - not implemented yet
* If Opera is installed, then that Opera 50.0.2762.67 or newer is installed.
**The Nessus audit file for browers on Windows is still a work in progress**.

2
verification/README.md
View File

@@ -36,7 +36,7 @@ The audit file performs the following checks:
* If Edge exists, then that the Edge patched is installed. - partially implemented
* If Firefox is installed, then that Firefox 57.0.4 or newer is installed.
* If Firefox ESR is installed, then that Firefox 52.6 or newer is installed.
* If Opera is installed, then that Opera 50.0.2762.67 or newer is installed. - not implemented yet
* If Opera is installed, then that Opera 50.0.2762.67 or newer is installed.
**The Nessus audit file for browers on Windows is still a work in progress**.

86
verification/windows/Verify-Spectre-Meltdown-Mitigations-Windows-Browsers.audit
View File

@@ -117,7 +117,7 @@
value_type: POLICY_TEXT
value_data: "HKLM\Software\Policies\Google\Chrome"
key_item: "SitePerProcess"
reg_option: MUST_EXIST
reg_option: MUST_EXIST
</custom_item>
<custom_item>
type: REGISTRY_SETTING
@@ -253,7 +253,8 @@
</custom_item>
</condition>
<then>
# this item on its own will false positive in the case where Firefox ESR has been installed, uninstalled, and where Firefox (RR or ESR) is not installed on the system
# this is due to FireFox ESR not deleting its registry keys and values on uninstall (Firefox RR does delete its registry keys on uninstall)
<custom_item>
type: AUDIT_POWERSHELL
description: "Detects if Firefox is updated."
@@ -307,5 +308,86 @@
</report>
</else>
</if>
# 5. if Opera is installed, then check if it is updated
<if>
<condition type: "or">
<custom_item>
type: FILE_CHECK
description: "Detects if Opera is installed at %ProgramFiles% (x86)"
info: "
Looks for:
%ProgramFiles% (x86)\Opera\launcher.exe
"
value_type: POLICY_TEXT
value_data: "%ProgramFiles% (x86)\Opera\launcher.exe"
file_option: MUST_EXIST
</custom_item>
<custom_item>
type: FILE_CHECK
description: "Detects if Opera is installed at %ProgramFiles%"
info: "
Looks for:
%ProgramFiles%\Opera\launcher.exe
"
value_type: POLICY_TEXT
value_data: "%ProgramFiles%\Opera\launcher.exe"
file_option: MUST_EXIST
</custom_item>
</condition>
<then>
<if>
<condition type: "or">
<custom_item>
type: FILE_VERSION
description: "Detects if Opera launcher in %ProgramFiles% is updated."
info: "
Detects if Opera launcher in %ProgramFiles% is updated.
Looks for %ProgramFiles%\Opera\launcher.exe version greater than or equal to 50.0.2762.67
"
value_type: POLICY_FILE_VERSION
value_data: "50.0.2762.67"
file_item: "%ProgramFiles%\Opera\launcher.exe"
file_option: MUST_EXIST
</custom_item>
<custom_item>
type: FILE_VERSION
description: "Detects if Opera launcher in %ProgramFiles% (x86) is updated."
info: "
Detects if Opera launcher in %ProgramFiles% (x86) is updated.
Looks for %ProgramFiles% (x86)\Opera\launcher.exe version greater than or equal to 50.0.2762.67
"
value_type: POLICY_FILE_VERSION
value_data: "50.0.2762.67"
file_item: "%ProgramFiles% (x86)\Opera\launcher.exe"
file_option: MUST_EXIST
</custom_item>
</condition>
<then>
<report type: "PASSED">
description: "Opera browser is updated."
info: "Opera browser is updated to at least 50.0.2762.67 or later."
</report>
</then>
<else>
<report type: "FAILED">
description: "Opera browser is not updated."
info: "Opera browser is not updated to at least 50.0.2762.67 or later."
</report>
</else>
</if>
</then>
<else>
<report type: "PASSED">
description: "Opera browser is not installed"
info: "Opera browser is not installed"
</report>
</else>
</if>
</group_policy>
</check_type>