Check: DTOO406
Microsoft Office System 2013 STIG: DTOO406 (in version v1 r9)
Title
The ability to automatically hyperlink screenshots within Word, PowerPoint, Excel and Outlook must be disabled. (Cat II impact)
Discussion
The ability to automatically bind a hyperlink to a screenshot inserted through the Insert Screenshot tool introduces the possibility of a malicious URL or website being embedded in the Word, PowerPoint, Excel or Outlook document. Disabling the hyperlink in those screenshots will ensure users do not have the ability to directly open the hyperlinks.
Check Content
Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2013 >> Miscellaneous >> "Do not automatically hyperlink screenshots" is set to "Enabled".

Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\15.0\gfx

If the value "disablescreenshotautohyperlink" is REG_DWORD = 1, this is not a finding.
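The registry check above can be scripted. The following PowerShell is an added example, not part of the STIG text; the function name Test-DTOO406 is hypothetical. It goes beyond the check as written by also evaluating every user hive currently loaded under HKEY_USERS, and it treats a missing key, a missing value, or a wrong value type as a finding.

```powershell
# Added example (not STIG text). Test-DTOO406 is a hypothetical helper name.
function Test-DTOO406 {
    param(
        # Root of a user hive in provider form; defaults to the current user.
        [string]$HiveRoot = 'HKCU:'
    )
    $keyPath   = "${HiveRoot}\Software\Policies\Microsoft\Office\15.0\gfx"
    $valueName = 'disablescreenshotautohyperlink'
    $status    = 'Finding'

    $key = Get-Item -LiteralPath $keyPath -ErrorAction SilentlyContinue
    if (-not $key) {
        $detail = 'Policy key does not exist'
    }
    elseif ($key.GetValueNames() -notcontains $valueName) {
        $detail = 'Value is not set'
    }
    else {
        # Check the type as well as the data: the STIG requires REG_DWORD = 1.
        $kind = $key.GetValueKind($valueName)
        $data = $key.GetValue($valueName)
        if ($kind -eq [Microsoft.Win32.RegistryValueKind]::DWord -and $data -eq 1) {
            $status = 'NotAFinding'
            $detail = 'REG_DWORD = 1'
        }
        else {
            $detail = "Found $kind = $data; expected REG_DWORD = 1"
        }
    }
    [pscustomobject]@{ Hive = $HiveRoot; Status = $status; Detail = $detail }
}

# Current user, as the check text describes.
Test-DTOO406

# Every user hive currently loaded under HKEY_USERS (needs an elevated session;
# profiles that are not logged on are not loaded and are not covered here).
Get-ChildItem -LiteralPath 'Registry::HKEY_USERS' |
    Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' } |
    ForEach-Object { Test-DTOO406 -HiveRoot "Registry::HKEY_USERS\$($_.PSChildName)" }
```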
Fix Text
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Office 2013 -> Miscellaneous -> "Do not automatically hyperlink screenshots" to "Enabled".
Additional Identifiers
Rule ID: SV-53195r4_rule
Vulnerability ID: V-40863
Group Title: DTOO406 - Disable automatic screenshot hyperlinking
CCIs
Number | Definition |
---|---|
CCI-000381 | Configure the system to provide only organization-defined mission essential capabilities. |
Controls
Number | Title |
---|---|
CM-7 | Least Functionality |