An error occurred:

Check: DTOO409

Microsoft Office System 2016 STIG: DTOO409 (in versions v2 r3 through v1 r1)

Title

The ability to create an online presentation programmatically must be disabled. (Cat II impact)

Discussion

This policy setting allows you to restrict the ability to create an online presentation programmatically in PowerPoint and Word. If you enable this policy setting, an online presentation cannot be created programmatically. If you disable or do not configure this policy setting, an online presentation can be created programmatically.

Check Content

Verify the policy value for User Configuration -> Administrative Templates -> Microsoft Office 2016 -> Present Online -> "Restrict programmatic access for creating online presentations in PowerPoint and Word" is set to "Enabled". Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\software\policies\Microsoft\office\16.0\common\broadcast Criteria: If the value disableprogrammaticaccess is REG_DWORD = 1, this is not a finding.

Fix Text

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Office 2016 -> Present Online -> "Restrict programmatic access for creating online presentations in PowerPoint and Word" to "Enabled".

Additional Identifiers

Rule ID: SV-238039r879630_rule

Vulnerability ID: V-238039

Group Title: SRG-APP-000210

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001170

The information system prevents the automatic execution of mobile code in organization-defined software applications.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
SC-18 (4)

Prevent Automatic Execution