Check: DTOO244 - Outlook
Microsoft Outlook 2010 STIG:
DTOO244 - Outlook
(in versions v1 r13 through v1 r12)
Title
Level 1 file extensions must be blocked and not removed. (Cat II impact)
Discussion
Malicious code is often spread through e-mail. Some viruses have the ability to send copies of themselves to other people in the victim's Address Book or Contacts list, and such potentially harmful files can affect the computers of unwary recipients.
Check Content
The policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2010 -> Security -> Security Form Settings -> Attachment Security “Remove file extensions blocked as Level 1” must be set to “Disabled”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\14.0\outlook\security\FileExtensionsRemoveLevel1 Criteria: If registry key exist, this is a finding.
Fix Text
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2010 -> Security -> Security Form Settings -> Attachment Security “Remove file extensions blocked as Level 1” to “Disabled”.
Additional Identifiers
Rule ID: SV-33583r1_rule
Vulnerability ID: V-17774
Group Title: DTOO244 - Lvl 1 File extensions
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-001662 |
The information system takes organization-defined corrective action when organization-defined unacceptable mobile code is identified. |
Controls
| Number | Title |
|---|---|
| SC-18 (1) |
Identify Unacceptable Code / Take Corrective Actions |