Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Trust Bar Notifications for unsigned applications must be disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-40738 | DTOO131 | SV-52796r1_rule | Medium |
| Description |
|---|
| If an application is configured to require all add-ins to be signed by a trusted publisher, any unsigned add-ins the application loads will be disabled and the application will display the Trust Bar at the top of the active window. The Trust Bar contains a message informing users about the unsigned add-in. If a user is allowed to make the determination to allow an unsigned add-in, it increases the risk of malicious code being introduced onto the user's computer or the network. |
| STIG | Date |
|---|---|
| Microsoft Visio 2013 STIG | 2018-04-04 |
Details
| Check Text ( C-47125r1_chk ) |
|---|
| Verify the policy value for User Configuration -> Administrative Templates -> Microsoft Visio 2013 -> Visio Options -> Security -> Trust Center -> "Disable Trust Bar Notification for unsigned application add-ins and block them" is set to "Enabled". Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\software\policies\Microsoft\office\15.0\Visio\security Criteria: If the value notbpromptunsignedaddin is REG_DWORD = 1, this is not a finding. |
| Fix Text (F-45722r1_fix) |
|---|
| Set the policy value for User Configuration -> Administrative Templates -> Microsoft Visio 2013 -> Visio Options -> Security -> Trust Center -> "Disable Trust Bar Notification for unsigned application add-ins and block them" to "Enabled". |