DTOO197 - Office - Disable Smart Documents use of Manifests in Office.

Information

An XML expansion pack is the group of files that constitutes a Smart Document in Excel 2007 and Word 2007. You package one or more components that provide the logic needed for a Smart Document by using an XML expansion pack. These components can include any type of file, including XML schemas, Extensible Stylesheet Language Transforms (XSLTs), dynamic-link libraries (DLLs), and image files, as well as additional XML files, HTML files, Word files, Excel files, and text files.
The key component to building an XML expansion pack is creating an XML expansion pack manifest file. By creating this file, you specify the locations of all files that make up the XML expansion pack, as well as information that instructs 2007 Office how to set up the files for your Smart Document. The XML expansion pack can also contain information about how to set up some files, such as how to install and register a COM object required by the XML expansion pack.
XML expansion packs can be used to initialize and load malicious code, which might affect the stability of a computer and lead to data loss.
By default, 2007 Office applications can load an XML expansion pack manifest file with a Smart Document.

Solution

The policy value for User Configuration -> Administrative Templates -> Microsoft Office 2007 system -> Smart Documents (Word, Excel) 'Disable Smart Documents use of manifests' will be set to 'Enabled'.

'Note - Group Policy Administrative Templates are available from the www.microsoft.com download site. The MS Office 2007 System (Office12.adm) is included in the AdminTemplates.exe file. This template provides the mechanisms to incorporate Microsoft Office 2007 System policies via the Microsoft Group Policy Editor (gpedit.msc).'

'Note - If the Microsoft Group Policy Editor (gpedit.msc) is not used to incorporate the remediation to this vulnerability the Microsoft Registry Editor (regedit.exe) may be used to create the registry key and value required.'

See Also

http://iase.disa.mil/stigs/app_security/office_auto/u_microsoft_office2007_v4r9_stig_20121026.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-18(3), CAT|II, Rule-ID|SV-18834r3_rule, STIG-ID|DTOO197, Vuln-ID|V-17669

Plugin: Windows

Control ID: f43dd52fcd6d28f4f72a33ce9f28f01834b08bdc5915c7be34d395a224dd983f