UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Enable Warning Bar settings for VBA macros contained in WordFiles.


Overview

Finding ID Version Rule ID IA Controls Severity
V-17545 DTOO304 - Word SV-18636r1_rule ECSC-1 Medium
Description
By default, when users open files in the specified applications that contain VBA macros, the applications open the files with the macros disabled and display the Trust Bar with a warning that macros are present and have been disabled. Users can inspect and edit the files if appropriate, but cannot use any disabled functionality until they enable it by clicking Options on the Trust Bar and selecting the appropriate action. If users enable dangerous macros, it could affect their computers or cause sensitive information to be compromised.
STIG Date
Microsoft Word 2007 2014-04-03

Details

Check Text ( C-18853r1_chk )
The policy value for User Configuration -> Administrative Templates -> Microsoft Office Word 2007 -> Word Options -> Security -> Trust Center “VBA Macro Warning Settings” will be set to “Enabled (Trust Bar warning for all macros)”.

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\12.0\Word\Security

Criteria: If the value VBAWarnings is REG_DWORD = 2, this is not a finding.
Fix Text (F-17464r1_fix)
The policy value for User Configuration -> Administrative Templates -> Microsoft Office Word 2007 -> Word Options -> Security -> Trust Center “VBA Macro Warning Settings” will be set to “Enabled (Trust Bar warning for all macros)”.