Check: O365-PT-000011
Microsoft Office 365 ProPlus STIG:
O365-PT-000011
(in versions v2 r12 through v1 r1)
Title
Files in unsafe locations must be opened in Protected view in PowerPoint. (Cat II impact)
Discussion
This policy setting determines whether files located in unsafe locations will open in Protected View. If unsafe locations have not been specified, only the "Downloaded Program Files" and "Temporary Internet Files" folders are considered unsafe locations. If enabling this policy setting, files located in unsafe locations do not open in Protected View. If disabling or not configuring this policy setting, files located in unsafe locations open in Protected View.
Check Content
Verify the policy value for User Configuration >> Administrative Templates >> Microsoft PowerPoint 2016 >> PowerPoint Options >> Security >> Trust Center >> Protected View "Do not open files in unsafe locations in Protected View" is set to "Disabled". Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\16.0\PowerPoint\security\protectedview If the value DisableUnsafeLocationsInPV is REG_DWORD = 0, this is not a finding.
Fix Text
Set the policy value for User Configuration >> Administrative Templates >> Microsoft PowerPoint 2016 >> PowerPoint Options >> Security >> Trust Center >> Protected View "Do not open files in unsafe locations in Protected View" to "Disabled".
Additional Identifiers
Rule ID: SV-223387r879628_rule
Vulnerability ID: V-223387
Group Title: SRG-APP-000207
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001662 |
The information system takes organization-defined corrective action when organization-defined unacceptable mobile code is identified. |
Controls
Number | Title |
---|---|
SC-18 (1) |
Identify Unacceptable Code / Take Corrective Actions |