Check: DTOO239 - Outlook
Microsoft Outlook 2007:
DTOO239 - Outlook
(in versions v4 r16 through v4 r15)
Title
Configure Outlook Security Mode to use Policy settings. - Outlook. (Cat II impact)
Discussion
If users can configure security themselves, they might choose levels of security that leave their computers vulnerable to attack. By default, Outlook 2007 users can configure security for themselves, and Outlook ignores any security-related settings that are configured in Group Policy.
Check Content
The policy value for User Configuration -> Administrative Templates -> Microsoft Office Outlook 2007 -> Security -> Security Form Settings “Outlook Security Mode” will be set to “Enabled (Use Outlook Security Group Policy)”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\12.0\Outlook\Security Criteria: If the value AdminSecurityMode is REG_DWORD = 3, this is not a finding.
Fix Text
The policy value for User Configuration -> Administrative Templates -> Microsoft Office Outlook 2007 -> Security -> Security Form Settings “Outlook Security Mode” will be set to “Enabled (Use Outlook Security Group Policy)”.
Additional Identifiers
Rule ID: SV-18958r1_rule
Vulnerability ID: V-17760
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |