UCF STIG Viewer Logo

Users customizing attachment security settings must be prevented.


Overview

Finding ID Version Rule ID IA Controls Severity
V-17766 DTOO238 SV-53929r1_rule Medium
Description
All installed trusted COM addins can be trusted. Exchange settings for the addins still override if present and this option is selected.
STIG Date
Microsoft Outlook 2013 STIG 2018-09-05

Details

Check Text ( C-47939r1_chk )
Verify the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2013 -> Security "Prevent users from customizing attachment security settings" is set to "Enabled".

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\15.0\outlook

Criteria: If the value DisallowAttachmentCustomization is REG_DWORD = 1, this is not a finding.
Fix Text (F-46829r1_fix)
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2013 -> Security "Prevent users from customizing attachment security settings" to "Enabled".