Check: O365-CO-000012
Microsoft Office 365 ProPlus STIG:
O365-CO-000012
(in versions v3 r1 through v1 r1)
Title
Office applications must not load XML expansion packs with Smart Documents. (Cat II impact)
Discussion
This policy setting controls whether Office 365 ProPlus applications can load an XML expansion pack manifest file with a Smart Document.
Check Content
Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Smart Documents (Word, Excel) >> Disable Smart Document's use of manifests is set to "Enabled". Use the Windows Registry Editor to navigate to the following key: HKCU\software\policies\microsoft\office\common\smart tag If the value for neverloadmanifests is REG_DWORD = 1, this is not a finding.
Fix Text
Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Smart Documents (Word, Excel) >> Disable Smart Document's use of manifests to "Enabled".
Additional Identifiers
Rule ID: SV-223294r961863_rule
Vulnerability ID: V-223294
Group Title: SRG-APP-000516
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
Implement the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |