UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Disallowance of trusted locations on the network must be enforced.


Overview

Finding ID Version Rule ID IA Controls Severity
V-17520 DTOO134 SV-53572r1_rule ECSC-1 Medium
Description
Files located in Trusted Locations and specified in the Trust Center are typically assumed to be safe. Content, code, and add-ins are allowed to load from Trusted Locations with minimal security and without prompting the user for permission. By default, users can specify Trusted Locations on network shares, or in other remote locations not under their direct control, by selecting the "Allow Trusted Locations on my network" (not recommended) check box in the Trusted Locations section of the Trust Center. If a dangerous file is opened from a trusted location, it will not be subject to typical security measures and could affect users' computers or data.
STIG Date
Microsoft Word 2013 STIG 2014-12-23

Details

Check Text ( C-47721r1_chk )
Verify the policy value for User Configuration -> Administrative Templates -> Microsoft Word 2013 -> Word Options -> Security -> Trust Center -> Trusted Locations "Allow Trusted Locations on the network" is set to "Disabled".

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\15.0\word\security\trusted locations

Criteria: If the value AllowNetworkLocations is REG_DWORD = 0, this is not a finding.
Fix Text (F-46497r1_fix)
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Word 2013 -> Word Options -> Security -> Trust Center -> Trusted Locations "Allow Trusted Locations on the network" to "Disabled".