An error occurred:

Check: DTOO105 - Excel

Microsoft Excel 2010: DTOO105 - Excel (in versions v1 r11 through v1 r10)

Title

Open/Save actions for Excel 4 macrosheets and add-in files must be blocked. (Cat II impact)

Discussion

This policy setting allows for determining whether users can open, view, edit, or save Excel files with the format specified by the title. If enabling this policy setting, specify whether users can open, view, edit, or save files. The options that can be selected are below. Note: Not all options may be available for this policy setting. - Do not block: The file type will not be blocked. - Save blocked: Saving of the file type will be blocked. - Open/Save blocked, use open policy: Both opening and saving of the file type will be blocked. The file will open based on the policy setting configured in the "default file block behavior" key. - Block: Both opening and saving of the file type will be blocked, and the file will not open. - Open in Protected View: Both opening and saving of the file type will be blocked, and the option to edit the file type will not be enabled. - Allow editing and open in Protected View: Both opening and saving of the file type will be blocked, and the option to edit will be enabled. If you disable or do not configure this policy setting, the file type will not be blocked.

Check Content

The policy value for User Configuration -> Administrative Templates -> Microsoft Excel 2010 -> Excel Options -> Security -> Trust Center -> File Block Settings “Excel 4 macrosheets and add-in files” must be “Enabled: Open/Save blocked, use open policy". Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\14.0\excel\security\fileblock Criteria: If the value XL4Macros is REG_DWORD = 2, this is not a finding.

Fix Text

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Excel 2010 -> Excel Options -> Security -> Trust Center -> File Block Settings “Excel 4 macrosheets and add-in files” to “Enabled: Open/Save blocked, use open policy".

Additional Identifiers

Rule ID: SV-34269r1_rule

Vulnerability ID: V-26607

Group Title: DTOO105 - Excel 4 macrosheets and add-in files

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001662

The information system takes organization-defined corrective action when organization-defined unacceptable mobile code is identified.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
SC-18 (1)

Identify Unacceptable Code / Take Corrective Actions