An error occurred:

Check: DTOO244

Microsoft Outlook 2013 STIG: DTOO244 (in versions v1 r13 through v1 r11)

Title

Level 1 file extensions must be blocked and not removed. (Cat II impact)

Discussion

Malicious code is often spread through e-mail. Some viruses have the ability to send copies of themselves to other people in the victim's Address Book or Contacts list, and such potentially harmful files can affect the computers of unwary recipients.

Check Content

Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Outlook 2013 >> Security >> Security Form Settings >> Attachment Security "Remove file extensions blocked as Level 1" is set to "Disabled". Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\15.0\outlook\security Criteria: HKCU\Software\Policies\Microsoft\Office\15.0\outlook\security\ Criteria: If the registry value “FileExtensionsRemoveLevel1” exists, this is a finding.

Fix Text

Set the policy value for User Configuration >> Administrative Templates >> Microsoft Outlook 2013 >> Security >> Security Form Settings >> Attachment Security "Remove file extensions blocked as Level 1" to "Disabled".

Additional Identifiers

Rule ID: SV-55898r2_rule

Vulnerability ID: V-17774

Group Title: DTOO244 - Lvl 1 File extensions

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001662

The information system takes organization-defined corrective action when organization-defined unacceptable mobile code is identified.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
SC-18 (1)

Identify Unacceptable Code / Take Corrective Actions