Check: DTOO134 - PowerPoint
Microsoft PowerPoint 2007:
DTOO134 - PowerPoint
(in versions v4 r16 through v4 r15)
Title
Disable settings for content and add-ins that "Allow trusted locations not on computer" that might bypass more stringent security checks. (Cat II impact)
Discussion
By default, files located in trusted locations and specified in the Trust Center are assumed to be safe. Content, code, and add-ins are allowed to load from trusted locations with minimal security and without prompting the user for permission. By default, users can specify trusted locations on network shares or in other remote locations that are not under their direct control by selecting the Allow Trusted Locations on my network (not recommended) check box in the Trusted Locations section of the Trust Center. If a dangerous file is opened from a trusted location, it will not be subject to typical security measures and could affect users' computers or data.
Check Content
The policy value for User Configuration -> Administrative Templates -> Microsoft Office PowerPoint 2007 -> PowerPoint Options -> Security -> Trust Center -> Trusted Locations “Allow Trusted Locations not on the computer” will be set to “Disabled”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\12.0\PowerPoint\Security\Trusted Locations Criteria: If the value AllowNetworkLocations is REG_DWORD = 0, this is not a finding.
Fix Text
The policy value for User Configuration -> Administrative Templates -> Microsoft Office PowerPoint 2007 -> PowerPoint Options -> Security -> Trust Center -> Trusted Locations “Allow Trusted Locations not on the computer” will be set to “Disabled”.
Additional Identifiers
Rule ID: SV-18599r1_rule
Vulnerability ID: V-17520
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |