Check: O365-PT-000008
Microsoft Office 365 ProPlus STIG:
O365-PT-000008
(in versions v2 r12 through v1 r1)
Title
Unsigned add-ins in PowerPoint must be blocked with no Trust Bar Notification to the user. (Cat II impact)
Discussion
This policy setting controls whether the specified Office application notifies users when unsigned application add-ins are loaded, or silently disables such add-ins without notification. It only applies if you enable the "Require that application add-ins are signed by Trusted Publisher" policy setting, which prevents users from changing this policy setting. If you enable this policy setting, the application automatically disables unsigned add-ins without informing users. If you disable this policy setting and the application is configured to require that all add-ins be signed by a trusted publisher, any unsigned add-ins the application loads will be disabled and the application will display the Trust Bar at the top of the active window; the Trust Bar contains a message that informs users about the unsigned add-in. If you do not configure this policy setting, the disable behavior applies, and users can additionally configure this requirement themselves in the "Add-ins" category of the Trust Center for the application.
Check Content
Verify the policy value for User Configuration >> Administrative Templates >> Microsoft PowerPoint 2016 >> PowerPoint Options >> Security >> Trust Center "Disable Trust Bar Notification for unsigned application add-ins and block them" is set to "Enabled".
Use the Windows Registry Editor to navigate to the following key:
HKCU\software\policies\Microsoft\office\16.0\powerpoint\security
If the value notbpromptunsignedaddin is REG_DWORD = 1, this is not a finding.
Fix Text
Set the policy value for User Configuration >> Administrative Templates >> Microsoft PowerPoint 2016 >> PowerPoint Options >> Security >> Trust Center "Disable Trust Bar Notification for unsigned application add-ins and block them" to "Enabled".
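The registry check and fix above, as an added PowerShell example that is not part of the STIG or of any DISA tooling: the function reads the key and value named in the Check Content, treats a missing key or value (policy "Not Configured") as a finding, and with -Remediate writes the value the "Enabled" policy sets. It assumes Windows PowerShell 5.1 or later running as the user whose PowerPoint configuration is being assessed; the function name and the "Open"/"NotAFinding" labels are mine, and the key is written in PowerShell's HKCU:\ drive form.

```powershell
# Added example: assesses O365-PT-000008 on the local machine and optionally
# applies the registry value the Fix Text's policy writes.
function Test-O365PT000008 {
    [CmdletBinding()]
    param(
        [string]$KeyPath   = 'HKCU:\software\policies\Microsoft\office\16.0\powerpoint\security',
        [string]$ValueName = 'notbpromptunsignedaddin',
        [switch]$Remediate
    )

    $result = [ordered]@{
        Check    = 'O365-PT-000008'
        RuleId   = 'SV-223384r879584_rule'
        Key      = $KeyPath
        Value    = $ValueName
        Observed = $null
        Status   = 'Open'      # a finding until the expected value is confirmed
        Detail   = ''
    }

    # A missing key or value means the policy is Not Configured: add-ins are still
    # disabled, but the Trust Bar may be shown and users can change the setting.
    $item = Get-ItemProperty -Path $KeyPath -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $item) {
        $result.Detail = 'Key or value not present (policy Not Configured).'
    }
    else {
        $result.Observed = $item.$ValueName
        # Confirm both the type (REG_DWORD) and the value (1), as the check requires.
        $kind = (Get-Item -Path $KeyPath).GetValueKind($ValueName)
        if ($kind -eq [Microsoft.Win32.RegistryValueKind]::DWord -and $item.$ValueName -eq 1) {
            $result.Status = 'NotAFinding'
            $result.Detail = "$ValueName is REG_DWORD = 1."
        }
        else {
            $result.Detail = "$ValueName is $kind = $($item.$ValueName); expected REG_DWORD = 1."
        }
    }

    if ($Remediate -and $result.Status -eq 'Open') {
        # Writes what the Enabled policy writes. In a domain, set the Group Policy
        # itself so the value is not overwritten at the next policy refresh.
        if (-not (Test-Path -Path $KeyPath)) { New-Item -Path $KeyPath -Force | Out-Null }
        New-ItemProperty -Path $KeyPath -Name $ValueName -PropertyType DWord -Value 1 -Force | Out-Null
        $result.Status = 'Remediated'
        $result.Detail += " Set $ValueName to REG_DWORD = 1."
    }

    [pscustomobject]$result
}

Test-O365PT000008 | Format-List
```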
Additional Identifiers
Rule ID: SV-223384r879584_rule
Vulnerability ID: V-223384
Group Title: SRG-APP-000131
CCIs
Number | Definition |
---|---|
CCI-001749 | The information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization. |
Controls
Number | Title |
---|---|
CM-5 (3) | Signed Components |