DTOO133 - Excel - All automatic loading from Trusted Locations must be disabled.

Information

Trusted locations specified in the Trust Center are used to define file locations assumed to be safe. Content, code, and add-ins are allowed to load from trusted locations with a minimal amount of security, without prompting the users for permission. If a dangerous file is opened from a trusted location, it will not be subject to standard security measures and could harm users' computers or data. By default, files located in trusted locations (those specified in the Trust Center) are assumed to be safe.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Excel 2010 -> Excel Options -> Security -> Trust Center -> Trusted Locations 'Disable all trusted locations' to 'Enabled'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Excel_2010_V1R11_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-18(4), CAT|II, CCI|CCI-001170, Rule-ID|SV-33447r1_rule, STIG-ID|DTOO133, Vuln-ID|V-17471

Plugin: Windows

Control ID: 075f472dbab49d7d9f67313ad9568c3544ffc9c55672f5aebc7409c1745a979f