Title

Save files default format must be configured. (Cat II impact)

Discussion

When users create new document files, Word 2010 saves them in the new Word 2010 .docx format. Ensure this setting is enabled to specify that all new files are created in Word 2010. If a new document is created in an earlier format, some users may not be able to open or use the file, or they may choose a format this is less secure than the Word 2010 format. Users can still select a specific format when they save files, but they cannot change default of this setting from the Word Options dialog box. This enforced user behavior ensures any change to the file format requires additional deliberate user interaction.

Check Content

The policy value for User Configuration -> Administrative Templates -> Microsoft Word 2010 -> Word Options -> Save "default file format" must be set to "Enabled Word Document (.docx)”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\14.0\word\options Criteria: If the value DefaultFormat is REG_SZ = (blank), this is not a finding.

Fix Text

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Word 2010 -> Word Options -> Save "default file format" to "Enabled Word Document (.docx)”.

Additional Identifiers

Rule ID: SV-33610r1_rule

Vulnerability ID: V-17521

Group Title: DTOO139 - Save files default format

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.