Title

Document Information panel Beaconing must show UI. (Cat II impact)

Discussion

This policy setting controls whether users see a security warning when they open custom Document Information Panels that contain a web beaconing threat. Web beacons can be used to contact an external server when users open forms. Information could be gathered by the form, or information entered by users could be sent to an external server, exposing the internal users and systems to additional attacks.

Check Content

Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2013 >> Document Information Panel "Document Information Panel Beaconing UI" is set to "Enabled (Always show UI)". Use the Windows Registry Editor to navigate to the following HKCU\Software\Policies\Microsoft\Office\15.0\common\documentinformationpanel If the value “Beaconing” is REG_DWORD = 1, this is not a finding.

Fix Text

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Office 2013 -> Document Information Panel "Document Information Panel Beaconing UI" to "Enabled (Always show UI)".

Additional Identifiers

Rule ID: SV-52754r4_rule

Vulnerability ID: V-17605

Group Title: DTOO207 - Document Info Beaconing UI

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.