Always warn on untrusted macros must be enforced.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-17798 | DTOO276 | SV-54050r2_rule | Medium |
| Description |
|---|
| To protect users from dangerous code, the Outlook default configuration disables all macros that are not trusted, including unsigned macros, macros with expired or invalid signatures, and macros with valid signatures from publishers who are not on users' Trusted Publishers lists. The default configuration also allows macros that are signed by trusted publishers to run automatically without notifying users, which could allow dangerous code to run. |
| STIG | Date |
|---|---|
| Microsoft Outlook 2013 STIG | 2018-09-05 |
Details
| Check Text ( C-47989r4_chk ) |
|---|
| Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Outlook 2013 >> Security >> Trust Center "Security setting for macros" is "Enabled (Always warn)". Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\15.0\outlook\security Criteria: If the value of "Level" is REG_DWORD = 2, this is not a finding. |
| Fix Text (F-46929r2_fix) |
|---|
| Set the policy value for User Configuration >> Administrative Templates >> Microsoft Outlook 2013 >> Security >> Trust Center "Security setting for macros" to "Enabled (Always warn)". |