Title

Changing permissions on rights managed content for users must be enforced. (Cat II impact)

Discussion

This setting controls whether Office 2013 users can change permissions for content that is protected with Information Rights Management (IRM). The Information Rights Management feature of Office 2013 allows individuals and administrators to specify access permissions to Word documents, Excel workbooks, PowerPoint presentations, InfoPath templates and forms, and Outlook email messages. This functionality helps prevent sensitive information from being printed, forwarded, or copied by unauthorized people.

Check Content

Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2013 >> Manage Restricted Permissions "Prevent users from changing permissions on rights managed content" is set to "Disabled". Use the Windows Registry Editor to navigate to the following HKCU\Software\Policies\Microsoft\Office\15.0\common\drm Criteria: If the value 'DisableCreation' is REG_DWORD = 0, this is not a finding.

Fix Text

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Office 2013 -> Manage Restricted Permissions "Prevent users from changing permissions on rights managed content" to "Disabled".

Additional Identifiers

Rule ID: SV-228554r557517_rule

Vulnerability ID: V-228554

Group Title: SRG-APP-000328

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.