Topic

Hardening user application configurations

Applicable to

all

History

Priority

should

Dec 2023

Web browsers are hardened using ASD and vendor hardening guidance, with the most restrictive guidance taking precedence when conflicts occur.

The existing control relating to web browsers being hardened using ASD and vendor hardening guidance was amended to recommend that the most restrictive guidance take precedence when conflicts occur.

Sep 2023

Web browsers are hardened using ASD and vendor hardening guidance.

References to ‘ACSC’ were replaced with ‘ASD’.

Sep 2023

Web browsers are hardened using ASD and vendor hardening guidance.

The existing control covering the hardening of web browsers was amended to recommend the implementation of both ACSC and vendor hardening guidance, noting that ACSC hardening guidance should generally be given preference when conflicting guidance arises.

Jun 2023

ACSC or vendor hardening guidance for web browsers is implemented.

AThe existing control relating to ACSC or vendor hardening guidance being implemented for web browsers, Microsoft Office and PDF software was split into three separate controls to facilitate independent implementation and assessment in accordance with the Essential Eight Maturity Model. [ISM-1412, ISM-1859, ISM-1860]

Feb 2019

ACSC and vendor guidance is implemented to assist in hardening the configuration of Microsoft Office, web browsers and PDF viewers.

Security controls 1412 and 1470 were modified to replace ‘PDF reader’ with ‘PDF viewer’ to ensure consistency of language within the document and with other publications such as the Strategies to Mitigate Cyber Security Incidents and the Essential Eight Maturity Model.

Jan 2019

ACSC and vendor guidance is implemented to assist in hardening the configuration of Microsoft Office, web browsers and PDF readers.

2015

Vendor guidance should be followed to assist in securely configuring their products.