1.13.2.1.1 Ensure 'Attachment Secure Temporary Folder' is set to Disabled

Information

This policy setting allows you to specify a folder path for the Secure Temporary Files folder rather than using the one that is randomly generated by Outlook.
If you enable this policy setting, you can specify a folder path for the Secure Temporary Files folder rather than using the one that is randomly generated by Outlook.
If you disable or do not configure this policy setting, Outlook will assign the Secure Temporary Files folder a different random name for each user.
Important - If you must use a specific folder for Outlook attachments, it is recommended that you use a local directory (for best performance), that you place the folder under the Temporary Internet Files folder (to benefit from the enhanced security on that folder), and that the folder name is unique and difficult to guess.
The recommended state for this setting is: Disabled.

Rationale:

The Secure Temporary Files folder is used to store attachments when they are opened in e-mail. By default, Outlook generates a random name for the Secure Temporary Files folder and saves it in the Temporary Internet Files folder. You can use this setting to designate a specific path and folder to use as the Secure Temporary Files folder. This configuration is not recommended, because it means that all users will have temporary Outlook files in the same predictable location, which is less secure than a randomly named folder. If the name of this folder is well known, a malicious user or malicious code might target this location to try to gain access to attachments.

Solution

To implement the recommended configuration state, set the following Group Policy setting to Disabled.

User Configuration\Administrative Templates\Microsoft Outlook 2016\Security\Cryptography\Signature Status dialog box\Attachment Secure Temporary Folder

Impact:

Disabling this setting enforces the default configuration of Outlook, and therefore is unlikely to cause usability issues for most users.
Important - If you must use a specific folder for Outlook attachments, it is recommended that you use a local directory (for best performance), that you place the folder under the Temporary Internet Files folder (to benefit from the enhanced security on that folder), and that the folder name is unique and difficult to guess.

See Also

https://workbench.cisecurity.org/files/553

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b.

Plugin: Windows

Control ID: abf2cd650e9f3533514bf96199c7c8ea9d6509c589bac691d73b121a33fec173