An error occurred:

Check: DTOO236

Microsoft Outlook 2016 STIG: DTOO236 (in versions v2 r3 through v1 r1)

Title

The Add-In Trust Level must be configured. (Cat II impact)

Discussion

All installed trusted COM addins can be trusted. Exchange Settings for the addins still override if present and this option is selected.

Check Content

Verify the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2016 -> Security "Configure Add-In Trust Level" is set to "Enabled (Trust all loaded and installed COM addins)". Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\16.0\outlook\security Criteria: If the value AddinTrust is REG_DWORD = 1, this is not a finding.

Fix Text

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2016 -> Security "Configure Add-In Trust Level" to "Enabled (Trust all loaded and installed COM addins)".

Additional Identifiers

Rule ID: SV-228436r508021_rule

Vulnerability ID: V-228436

Group Title: SRG-APP-000210

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001170

The information system prevents the automatic execution of mobile code in organization-defined software applications.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
SC-18 (4)

Prevent Automatic Execution