Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-17581 | DTOO212 - Office | SV-18701r1_rule | ECSC-1 | Medium |
Description |
---|
The blogging feature in Word 2007 enables users to compose blog entries and post them to their blogs directly from Word, without using any additional software. By default, users can post blog entries to any compatible blogging service provider, including Windows Live Spaces, Blogger, a SharePoint or Community Server site, and others. If your organization has policies that govern the posting of blog entries, allowing users to access the blogging feature in Word 2007 might enable them to violate those policies. |
STIG | Date |
---|---|
Microsoft Office System 2007 | 2014-01-07 |
Check Text ( C-18882r1_chk ) |
---|
The policy value for User Configuration -> Administrative Templates -> Microsoft Office 2007 system -> Miscellaneous “Control Blogging” will be set to “Enabled (Only SharePoint blogs allowed)”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\Common\Blog Criteria: If the value DisableBlog is REG_DWORD = 1, this is not a finding. |
Fix Text (F-17500r1_fix) |
---|
The policy value for User Configuration -> Administrative Templates -> Microsoft Office 2007 system -> Miscellaneous “Control Blogging” will be set to “Enabled (Only SharePoint blogs allowed)”. "Note: Group Policy Administrative Templates are available from the www.microsoft.com download site. The MS Office 2007 System (Office12.adm) is included in the AdminTemplates.exe file. This template provides the mechanisms to incorporate Microsoft Office 2007 System policies via the Microsoft Group Policy Editor (gpedit.msc)." "Note: If the Microsoft Group Policy Editor (gpedit.msc) is not used to incorporate the remediation to this vulnerability the Microsoft Registry Editor (regedit.exe) may be used to create the registry key and value required." |