Check: O365-EX-000030
Microsoft Office 365 ProPlus STIG:
O365-EX-000030
(in versions v2 r12 through v2 r6)
Title
Untrusted database files must be opened in Excel in Protected View mode. (Cat II impact)
Discussion
This policy setting controls whether database files (.dbf) opened from an untrusted location are always opened in Protected View. If you enable this policy setting, database files opened from an untrusted location are always opened in Protected View. Users will not be able to change this setting under File >> Options >> Trust Center >> Trust Center Settings >> Protected View. If you disable or do not configure this policy setting, database files opened from an untrusted location are not opened in Protected View, unless users have changed this setting in the Trust Center. Note: This policy setting only applies to subscription versions of Office, such as Office 365 ProPlus.
Check Content
Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Excel 2016 >> Excel Options >> Security >> Trust Center >> Protected View >> Always open untrusted database files in Protected View is set to "Enabled". Use the Windows Registry Editor to navigate to the following key: HKCU\software\policies\microsoft\office\16.0\excel\security\protectedview If the value for enabledatabasefileprotectedview is REG_DWORD = 1, this is not a finding.
Fix Text
Set policy value for User Configuration >> Administrative Templates >> Microsoft Excel 2016 >> Excel Options >> Security >> Trust Center >> Protected View >> Always open untrusted database files in Protected View to "Enabled".
Additional Identifiers
Rule ID: SV-223339r879628_rule
Vulnerability ID: V-223339
Group Title: SRG-APP-000207
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001662 |
The information system takes organization-defined corrective action when organization-defined unacceptable mobile code is identified. |
Controls
Number | Title |
---|---|
SC-18 (1) |
Identify Unacceptable Code / Take Corrective Actions |