Corrupt workbook options must be disallowed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-41346 | DTOO419 | SV-53843r1_rule | Medium |
| Description |
|---|
| This setting controls whether Excel presents users with a list of data extraction options before beginning an Open and Repair operation when users choose to open a corrupt workbook in repair or extract mode. A corrupt Excel file may be indicative of malicious tampering. By allowing the automatic handling of corrupt spreadsheets, malicious code may be introduced to the user's computer and the network. |
| STIG | Date |
|---|---|
| Microsoft Excel 2013 STIG | 2018-04-03 |
Details
| Check Text ( C-47897r1_chk ) |
|---|
| Verify the policy value for User Configuration -> Administrative Templates -> Microsoft Excel 2013 -> Data Recovery -> "Do not show data extraction options when opening corrupt workbooks" is set to "Enabled". Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\software\policies\microsoft\office\15.0\excel\options Criteria: If the value extractdatadisableui is REG_DWORD = 1, this is not a finding. |
| Fix Text (F-46746r1_fix) |
|---|
| Set the policy value for User Configuration -> Administrative Templates -> Microsoft Excel 2013 -> Data Recovery -> "Do not show data extraction options when opening corrupt workbooks" to "Enabled". |