Title

Disable the ability to run programs from a PowerPoint presentation. (Cat II impact)

Discussion

Action buttons can be used to launch external programs from PowerPoint 2007 presentations. If a malicious person adds an action button to a presentation that launches a dangerous program, it could significantly affect the security of a user's computer and data.

Check Content

The policy value for User Configuration -> Administrative Templates -> Microsoft Office PowerPoint 2007 -> PowerPoint Options -> Security “Run Programs” will be set to “Enabled (disable (don't run any programs))”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\12.0\PowerPoint\Security Criteria: If the value RunPrograms is REG_DWORD = 0, this is not a finding

Fix Text

The policy value for User Configuration -> Administrative Templates -> Microsoft Office PowerPoint 2007 -> PowerPoint Options -> Security “Run Programs” will be set to “Enabled (disable (don't run any programs))”.

Additional Identifiers

Rule ID: SV-19007r1_rule

Vulnerability ID: V-17788

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.