Trust Bar notifications must be configured to display information in the Message Bar about the content that has been automatically blocked. (Cat II impact)
This policy setting controls whether Office 365 ProPlus applications notify users when potentially unsafe features or content are detected, or whether such features or content are silently disabled without notification. The Message Bar in Office 365 ProPlus applications is used to identify security issues, such as unsigned macros or potentially unsafe add-ins. When such issues are detected, the application disables the unsafe feature or content and displays the Message Bar at the top of the active window. The Message Bar informs the users about the nature of the security issue and, in some cases, provides the users with an option to enable the potentially unsafe feature or content, which could harm the user's computer. If this policy setting is enabled, Office 365 ProPlus applications do not display information in the Message Bar about potentially unsafe content that has been detected or has automatically been blocked.
Verify the policy value for User Configuration >> Microsoft Office 2016 >> Security Settings >> Disable all Trust Bar notifications for security issues is set to "Disabled". Use the Windows Registry Editor to navigate to the following key: HKCU\software\policies\microsoft\office\16.0\common\trustcenter If the value trustbar is REG_DWORD = 0, this is not a finding.
Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings "Disable all Trust Bar notifications for security issues" to "Disabled".
Rule ID: SV-223290r822358_rule
Vulnerability ID: V-223290
Group Title: SRG-APP-000131
The information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization.