An error occurred:

Check: DTOO119 - Excel

Microsoft Excel 2010: DTOO119 - Excel (in versions v1 r11 through v1 r10)

Title

Configuration for file validation must be enforced. (Cat II impact)

Discussion

Office Binary Documents (97-2003) are checked to see if they conform against the file format schema before they are opened.

Check Content

The policy value for User Configuration -> Administrative Templates -> Microsoft Excel 2010 -> Excel Options -> Security “Turn off file validation” must be set to “Disabled". Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\14.0\excel\security\filevalidation Criteria: If the value EnableOnLoad is REG_DWORD = 1, this is not a finding.

Fix Text

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Excel 2010 -> Excel Options -> Security “Turn off file validation” to “Disabled".

Additional Identifiers

Rule ID: SV-33874r1_rule

Vulnerability ID: V-26592

Group Title: DTOO119 - Turn off file validation

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001695

The information system prevents the execution of organization-defined unacceptable mobile code.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
SC-18 (3)

Prevent Downloading / Execution