Title

Disable the feature to "unblock automatic download of linked images" in PowerPoint. (Cat II impact)

Discussion

When users insert images into PowerPoint 2007 presentations, they can select Link to File instead of Insert. If they do so, the image is represented by a link to a file on disk instead of being embedded in the presentation file itself. By default, when PowerPoint opens a presentation it does not display any linked images saved on a different computer unless the presentation itself is saved in a trusted location (as configured in the Trust Center). If this configuration is changed, PowerPoint will load any images that were saved in remote locations, which presents a security risk.

Check Content

The policy value for User Configuration -> Administrative Templates -> Microsoft Office PowerPoint 2007 -> PowerPoint Options -> Security “Unblock automatic download of linked images” will be set to “Disabled”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\12.0\PowerPoint\Security Criteria: If the value DownloadImages is REG_DWORD = 0, this is not a finding

Fix Text

The policy value for User Configuration -> Administrative Templates -> Microsoft Office PowerPoint 2007 -> PowerPoint Options -> Security “Unblock automatic download of linked images” will be set to “Disabled”.

Additional Identifiers

Rule ID: SV-19044r1_rule

Vulnerability ID: V-17809

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.