Check: DTOO289
Microsoft PowerPoint 2013 STIG: DTOO289 (in versions v1 r6 through v1 r5)
Title
The ability to run programs from a PowerPoint presentation must be disallowed. (Cat II impact)
Discussion
Action buttons can be used to launch external programs from PowerPoint presentations. If a malicious person adds an action button to a presentation that launches a dangerous program, it could significantly affect the security of a user's computer and data.
Check Content
Verify that the policy value for User Configuration -> Administrative Templates -> Microsoft PowerPoint 2013 -> PowerPoint Options -> Security "Run Programs" is set to "Enabled (disable - (don't run any programs))".

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\15.0\PowerPoint\security

Criteria: If the value RunPrograms is REG_DWORD = 0, this is not a finding.
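The check above, as an added PowerShell example that is not part of the STIG: it evaluates the registry criteria for the current user and reports why a result is a finding. The function name `Test-DTOO289` is hypothetical, and treating a missing key, a missing value, or a non-DWORD type as a finding is an assumption, since the criteria only state that REG_DWORD = 0 is not a finding.

```powershell
# Added example: audits the DTOO289 criteria for the current user (HKCU).
function Test-DTOO289 {
    [CmdletBinding()]
    param(
        # Key path and value name are taken from the Check Content.
        [string]$KeyPath   = 'HKCU:\Software\Policies\Microsoft\Office\15.0\PowerPoint\security',
        [string]$ValueName = 'RunPrograms'
    )

    $result = [ordered]@{
        Check   = 'DTOO289'
        User    = [Environment]::UserName
        Finding = $true          # assumption: anything other than REG_DWORD = 0 is a finding
        Detail  = ''
    }

    $key = Get-Item -LiteralPath $KeyPath -ErrorAction SilentlyContinue
    if (-not $key) {
        $result.Detail = 'Policy key not present'
    }
    elseif ($key.GetValueNames() -notcontains $ValueName) {
        $result.Detail = "Value $ValueName not present"
    }
    else {
        # Check the type as well as the data: a REG_SZ "0" does not meet the criteria.
        $kind = $key.GetValueKind($ValueName)
        $data = $key.GetValue($ValueName)
        if ($kind -ne [Microsoft.Win32.RegistryValueKind]::DWord) {
            $result.Detail = "$ValueName is $kind, expected REG_DWORD"
        }
        elseif ($data -ne 0) {
            $result.Detail = "$ValueName = $data, expected 0"
        }
        else {
            $result.Finding = $false
            $result.Detail  = "$ValueName is REG_DWORD = 0"
        }
    }

    [pscustomobject]$result
}

Test-DTOO289
```

Because the key is under HKCU, the result applies only to the account running the script; run it in each user's session to audit that user.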
Fix Text
Set the policy value for User Configuration -> Administrative Templates -> Microsoft PowerPoint 2013 -> PowerPoint Options -> Security "Run Programs" to "Enabled (disable - (don't run any programs))".
Additional Identifiers
Rule ID: SV-53519r1_rule
Vulnerability ID: V-17788
Group Title: DTOO289 - Running programs in PowerPoint
CCIs
Number | Definition |
---|---|
CCI-001170 | The information system prevents the automatic execution of mobile code in organization-defined software applications. |
Controls
Number | Title |
---|---|
SC-18 (4) | Prevent Automatic Execution |