UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Trust Bar Notifications for unsigned applications must be disabled.


Overview

Finding ID Version Rule ID IA Controls Severity
V-40738 DTOO131 SV-52796r1_rule Medium
Description
If an application is configured to require all add-ins to be signed by a trusted publisher, any unsigned add-ins the application loads will be disabled and the application will display the Trust Bar at the top of the active window. The Trust Bar contains a message informing users about the unsigned add-in. If a user is allowed to make the determination to allow an unsigned add-in, it increases the risk of malicious code being introduced onto the user's computer or the network.
STIG Date
Microsoft Visio 2013 STIG 2013-12-12

Details

Check Text ( C-47125r1_chk )
Verify the policy value for User Configuration -> Administrative Templates -> Microsoft Visio 2013 -> Visio Options -> Security -> Trust Center -> "Disable Trust Bar Notification for unsigned application add-ins and block them" is set to "Enabled".

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\software\policies\Microsoft\office\15.0\Visio\security

Criteria: If the value notbpromptunsignedaddin is REG_DWORD = 1, this is not a finding.
Fix Text (F-45722r1_fix)
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Visio 2013 -> Visio Options -> Security -> Trust Center -> "Disable Trust Bar Notification for unsigned application add-ins and block them" to "Enabled".