Attachments using generated name for secure temporary folders must be configured.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-17733	DTOO269	SV-54038r1_rule		Medium

Description
The Secure Temporary Files folder is used to store attachments when they are opened in email. By default, Outlook generates a random name for the Secure Temporary Files folder and saves it in the Temporary Internet Files folder. This setting can be used to designate a specific path and folder to use as the Secure Temporary Files folder. This configuration is not recommended, because it means that all users will have temporary Outlook files in the same predictable location, which is not as secure. If the name of this folder is well known, a malicious user or malicious code might target this location to try and gain access to attachments.

Description

The Secure Temporary Files folder is used to store attachments when they are opened in email. By default, Outlook generates a random name for the Secure Temporary Files folder and saves it in the Temporary Internet Files folder. This setting can be used to designate a specific path and folder to use as the Secure Temporary Files folder. This configuration is not recommended, because it means that all users will have temporary Outlook files in the same predictable location, which is not as secure. If the name of this folder is well known, a malicious user or malicious code might target this location to try and gain access to attachments.

STIG	Date
Microsoft Outlook 2013 STIG	2018-09-05

Details

Check Text ( C-47981r1_chk )
Verify the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2013 -> Security -> Cryptography -> Signature Status dialog box "Attachment Secure Temporary Folder" is set to "Disabled". Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\15.0\outlook\security\OutlookSecureTempFolder Criteria: If the registry key exists, this is a finding.

Check Text ( C-47981r1_chk )

Verify the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2013 -> Security -> Cryptography -> Signature Status dialog box "Attachment Secure Temporary Folder" is set to "Disabled".

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\15.0\outlook\security\OutlookSecureTempFolder

Criteria: If the registry key exists, this is a finding.

Fix Text (F-46920r1_fix)
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2013 -> Security -> Cryptography -> Signature Status dialog box "Attachment Secure Temporary Folder" to "Disabled".