1.6.6.2.2.4 Ensure 'Do not open files in unsafe locations in Protected View' is set to Disabled

Information

This policy setting lets you determine if files located in unsafe locations will open in Protected View. If you have not specified unsafe locations, only the 'Downloaded Program Files' and 'Temporary Internet Files' folders are considered unsafe locations. The recommended state for this setting is: Disabled. Enabling this setting allows users to open files located in unsafe locations that do not require Protected View. As a result, malicious code could become active on user computers or the network.

Solution

To implement the recommended configuration state, set the following Group Policy setting to Disabled. User Configuration\Administrative Templates\Microsoft PowerPoint 2016\PowerPoint Options\Security\Trust Center\Protected View\Do not open files in unsafe locations in Protected View Impact: The Downloaded Program Files folder and the Temporary Internet Files folder are considered unsafe locations. You may specify additional unsafe locations. Some functionality is not available when files are opened in Protected View. In such cases, users must move the files from unsafe locations to save locations in order to access them with full functionality

See Also

https://workbench.cisecurity.org/files/573

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-18(4)

Plugin: Windows

Control ID: 876b5ff66ee05d4ac84358c4c0eade57e816f00e3f28d3233ae9deaa66e8366a