Check: DTOO304 - PowerPoint
Microsoft PowerPoint 2007:
DTOO304 - PowerPoint
(in versions v4 r16 through v4 r15)
Title
Enable Warning Bar settings for VBA macros contained in PowerPoint Files. (Cat II impact)
Discussion
By default, when users open files in the specified applications that contain VBA macros, the applications open the files with the macros disabled and display the Trust Bar with a warning that macros are present and have been disabled. Users can inspect and edit the files if appropriate, but cannot use any disabled functionality until they enable it by clicking Options on the Trust Bar and selecting the appropriate action. If users enable dangerous macros, it could affect their computers or cause sensitive information to be compromised.
Check Content
The policy value for User Configuration -> Administrative Templates -> Microsoft Office PowerPoint 2007 -> PowerPoint Options -> Security -> Trust Center “VBA Macro Warning Settings” will be set to “Enabled (Trust Bar warning for all macros)”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\12.0\PowerPoint\Security Criteria: If the value VBAWarnings is REG_DWORD = 2, this is not a finding.
Fix Text
The policy value for User Configuration -> Administrative Templates -> Microsoft Office PowerPoint 2007 -> PowerPoint Options -> Security -> Trust Center “VBA Macro Warning Settings” will be set to “Enabled (Trust Bar warning for all macros)”.
Additional Identifiers
Rule ID: SV-18639r1_rule
Vulnerability ID: V-17545
Group Title:
Expert Comments
CCIs
Number | Definition |
---|---|
No CCIs are assigned to this check |
Controls
Number | Title |
---|---|
No controls are assigned to this check |