Documents must be configured to not open as Read Write when browsing.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-17759 | DTOO179 | SV-52714r3_rule | Medium |
| Description |
|---|
| By default, when an Office 2013 document on a web server is opened using Internet Explorer, the appropriate application opens the file in read-only mode. However, if the default configuration is changed, the document is opened as read/write. Users could potentially make changes to documents and resave them in situations where the web server security is not configured to prevent such changes. |
| STIG | Date |
|---|---|
| Microsoft Office System 2013 STIG | 2017-06-20 |
Details
| Check Text ( C-47042r5_chk ) |
|---|
| Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2013 >> Tools | Options | General | Web Options... >> Files "Open Office documents as read/write while browsing" is set to "Disabled". Use the Windows Registry Editor to navigate to the following hive: HKEY_Users For every users profile hive under HKEY_Users, navigate to the following key: \Software\Policies\Microsoft\Office\15.0\common If the value “OpenDocumentsReadWriteWhileBrowsing” for every user profile hive is REG_DWORD = 0, this is not a finding. |
| Fix Text (F-45638r2_fix) |
|---|
| Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2013 >> Tools | Options | General | Web Options... >> Files "Open Office documents as read/write while browsing" to "Disabled". |