DTOO233 - Outlook Object Model scripts must be disallowed to run for public folders.

Information

This policy setting controls whether Outlook executes scripts that are associated with custom forms or folder home pages for public folders. If you enable this policy setting, Outlook cannot execute any scripts associated with public folders, overriding any configuration changes on users' computers. If you disable this policy setting, Outlook will automatically run any scripts associated with custom forms or folder home pages for public folders, overriding any configuration changes on users' computers. If you do not configure this policy setting, Outlook will not run any scripts associated with public folders by default. Users can configure the setting in the Trust Center by selecting the 'Allow script in public folders' check box.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2016 -> Outlook Options -> Other -> Advanced 'Do not allow Outlook object model scripts to run for public folders' to 'Enabled'.

See Also

http://iasecontent.disa.mil/stigs/zip/U_MS_Outlook_2016_V1R2_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, CAT|II, CCI|CCI-001170, Rule-ID|SV-85771r1_rule, STIG-ID|DTOO233, Vuln-ID|V-71147

Plugin: Windows

Control ID: 0e7e76cd82ffe16c5d699655ca08e438dbb4d2d9594b777f4df77f3f3113bf9c