DTOO134 - Excel - Disallowance of Trusted Locations on the network must be enforced.

Information

Files located in Trusted Locations and specified in the Trust Center are assumed to be safe. Content, code, and add-ins are allowed to load from Trusted Locations with minimal security and without prompting the user for permission. By default, users can specify Trusted Locations on network shares, or in other remote locations not under their direct control, by selecting the 'Allow Trusted Locations on my network' (not recommended) check box in the Trusted Locations section of the Trust Center. If a dangerous file is opened from a trusted location, it will not be subject to typical security measures and could affect users' computers or data.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Excel 2010 -> Excel Options -> Security -> Trust Center -> Trusted Locations 'Allow Trusted Locations on the network' to 'Disabled'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Excel_2010_V1R11_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-18(4), CAT|II, CCI|CCI-001170, Rule-ID|SV-33446r1_rule, STIG-ID|DTOO134, Vuln-ID|V-17520

Plugin: Windows

Control ID: 82002ee9bffaee606a0220a5aac5a9123f547af0a3bce6f0a156e0e674459965