Detections
Analytics
DTOO275 - Outlook - Intranet with Safe Zones for automatic picture downloads must be configured.
Information
Malicious e-mail senders can send HTML e-mail messages with embedded Web beacons, which are pictures and other content from external servers that can be used to track whether recipients open the messages. Viewing e-mail messages with Web beacons in them provides confirmation that the recipient's e-mail address is valid, which leaves the recipient vulnerable to additional spam and harmful e-mail.By default, Outlook does not download external content in HTML e-mail messages from untrusted senders over the local intranet. If this configuration is changed, Outlook will display external content in all HTML e-mail messages received via the local intranet, which could include Web beacons.
Solution
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2010 -> Security -> Automatic Picture Download Settings 'Include Intranet in Safe Zones for Automatic Picture Download' to 'Disabled'.See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Outlook_2010_V1R14_STIG.zip
Item Details
Audit Name: DISA Microsoft Outlook 2010 STIG v1r14
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Rule-ID|SV-33562r2_rule, STIG-ID|DTOO275, Vuln-ID|V-17634
Plugin: Windows
Control ID: 9e4c66282a728963a825fa85d1ecc9df11f8bfa51a9f76fca2e3b5fefa560148