Control behavior when opening eMail forms in the Trusted Site Security Zone

Control behavior when opening eMail forms in the Trusted Site Security Zone - InfoPath

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-17579	DTOO163 - InfoPath	SV-18697r1_rule	ECSC-1	Medium

Description
When InfoPath solutions are opened locally, the location of the form is checked so that updates to the form can be downloaded. If a user saves a form locally from a location in the Trusted Sites zone and then opens the same form from another location in the Trusted Sites zone, the cache will be updated with the new location information. If the user then opens the first form from its saved location, there will be a mismatch between the locally saved form and the locally cached form. This situation would typically happen when developers move forms to a new location, but if there is no warning when the cached location is used it could be misused by an attacker attempting to redirect the forms to a new location. This type of attack is a form of beaconing. By default, if the location information in the cached form and the saved form do not match, then the form cannot be opened without prompting the user for consent.

Description

When InfoPath solutions are opened locally, the location of the form is checked so that updates to the form can be downloaded. If a user saves a form locally from a location in the Trusted Sites zone and then opens the same form from another location in the Trusted Sites zone, the cache will be updated with the new location information. If the user then opens the first form from its saved location, there will be a mismatch between the locally saved form and the locally cached form. This situation would typically happen when developers move forms to a new location, but if there is no warning when the cached location is used it could be misused by an attacker attempting to redirect the forms to a new location. This type of attack is a form of beaconing. By default, if the location information in the cached form and the saved form do not match, then the form cannot be opened without prompting the user for consent.

STIG	Date
Microsoft InfoPath 2007	2015-10-02

Details

Check Text ( C-18880r1_chk )
The policy value for User Configuration -> Administrative Templates -> Microsoft Office InfoPath 2007 -> Security -> “Control behavior when opening forms in the Trusted Site security zone” will be set to “Enabled (Block)”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\12.0\InfoPath\Open Behaviors Criteria: If the value Trusted Site is REG_DWORD = 0, this is not a finding.

Check Text ( C-18880r1_chk )

The policy value for User Configuration -> Administrative Templates -> Microsoft Office InfoPath 2007 -> Security -> “Control behavior when opening forms in the Trusted Site security zone” will be set to “Enabled (Block)”.

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\12.0\InfoPath\Open Behaviors

Criteria: If the value Trusted Site is REG_DWORD = 0, this is not a finding.

Fix Text (F-17498r1_fix)
The policy value for User Configuration -> Administrative Templates -> Microsoft Office InfoPath 2007 -> Security -> “Control behavior when opening forms in the Trusted Site security zone” will be set to “Enabled (Block)”.