Check: O365-CO-000007
Microsoft Office 365 ProPlus STIG:
O365-CO-000007
(in versions v3 r1 through v2 r5)
Title
Trust Bar notifications must be configured to display information in the Message Bar about the content that has been automatically blocked. (Cat II impact)
Discussion
This policy setting controls whether Office 365 ProPlus applications notify users when potentially unsafe features or content are detected, or whether such features or content are silently disabled without notification. The Message Bar in Office 365 ProPlus applications is used to identify security issues, such as unsigned macros or potentially unsafe add-ins. When such issues are detected, the application disables the unsafe feature or content and displays the Message Bar at the top of the active window. The Message Bar informs the users about the nature of the security issue and, in some cases, provides the users with an option to enable the potentially unsafe feature or content, which could harm the user's computer. If this policy setting is enabled, Office 365 ProPlus applications do not display information in the Message Bar about potentially unsafe content that has been detected or has automatically been blocked.
Check Content
Verify the policy value for User Configuration >> Microsoft Office 2016 >> Security Settings >> Disable all Trust Bar notifications for security issues is set to "Disabled". Use the Windows Registry Editor to navigate to the following key: HKCU\software\policies\microsoft\office\16.0\common\trustcenter If the value trustbar is REG_DWORD = 0, this is not a finding.
Fix Text
Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings "Disable all Trust Bar notifications for security issues" to "Disabled".
Additional Identifiers
Rule ID: SV-223290r1016167_rule
Vulnerability ID: V-223290
Group Title: SRG-APP-000131
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001749 |
The information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization. |
CCI-003992 |
Prevent the installation of organization-defined software and firmware components without verification that the component has been digitally signed using a certificate that is recognized and approved by the organization. |
Controls
Number | Title |
---|---|
CM-5(3) |
Signed Components |