Check: O365-AC-000001
Microsoft Office 365 ProPlus STIG:
O365-AC-000001
(in versions v3 r1 through v1 r1)
Title
Macros must be blocked from running in Access files from the Internet. (Cat II impact)
Discussion
This policy setting allows you to block macros from running in Office files that come from the Internet. If you enable this policy setting, macros are blocked from running, even if “Enable all macros” is selected in the Macro Settings section of the Trust Center. Also, instead of having the choice to “Enable Content”, users will receive a notification that macros are blocked from running. If the Office file is saved to a trusted location or was previously trusted by the user, macros will be allowed to run. If you disable or do not configure this policy setting, the settings configured in the Macro Settings section of the Trust Center determine whether macros run in Office files that come from the Internet.
Check Content
Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Access 2016 >> Application Settings >> Security >> Trust Center "Block macros from running in Office files from the Internet" is set to "Enabled". Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\16.0\access\security If the value blockcontentexecutionfrominternet is REG_DWORD = 1, this is not a finding.
Fix Text
Set the policy value for User Configuration >> Administrative Templates >> Microsoft Access 2016 >> Application Settings >> Security >> Trust Center "Block macros from running in Office files from the Internet" to "Enabled".
Additional Identifiers
Rule ID: SV-223280r961050_rule
Vulnerability ID: V-223280
Group Title: SRG-APP-000179
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001170 |
Prevents the automatic execution of mobile code in organization-defined software applications. |
Controls
Number | Title |
---|---|
SC-18(4) |
Prevent Automatic Execution |