UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Disabling of Fully Trusted Solutions access to computers must be configured.


Overview

Finding ID Version Rule ID IA Controls Severity
V-17658 DTOO159 SV-53353r1_rule Medium
Description
InfoPath users can choose whether to allow trusted forms to run on their computers. The Full Trust security level allows a form to access local system resources, such as COM components or files on users' computers, and suppresses certain security prompts. It can only be used with forms that are installed on users' computers or with forms using a form template that is digitally signed with a trusted root certificate. As with any security model that allows trusted entities to operate with fewer security controls, if a form with malicious content is marked as fully trusted it could be used to compromise information security or affect users' computers.
STIG Date
Microsoft InfoPath 2013 STIG 2016-08-09

Details

Check Text ( C-47618r1_chk )
The policy value for User Configuration -> Administrative Templates -> Microsoft InfoPath 2013 -> Security -> "Disable fully trusted solutions full access to computer" must be set to "Enabled".

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\15.0\InfoPath\security

Criteria: If the value RunFullTrustSolutions is REG_DWORD = 0, this is not a finding.
Fix Text (F-46280r1_fix)
Set the policy value for User Configuration -> Administrative Templates -> Microsoft InfoPath 2013 -> Security -> "Disable fully trusted solutions full access to computer" to "Enabled".