DTOO212 - Office - Control Blogging entries created from inside Office products.

Information

The blogging feature in Word 2007 enables users to compose blog entries and post them to their blogs directly from Word, without using any additional software.
By default, users can post blog entries to any compatible blogging service provider, including Windows Live Spaces, Blogger, a SharePoint or Community Server site, and others. If your organization has policies that govern the posting of blog entries, allowing users to access the blogging feature in Word 2007 might enable them to violate those policies.

Solution

The policy value for User Configuration -> Administrative Templates -> Microsoft Office 2007 system -> Miscellaneous 'Control Blogging' will be set to 'Enabled (Only SharePoint blogs allowed)'.

'Note - Group Policy Administrative Templates are available from the www.microsoft.com download site. The MS Office 2007 System (Office12.adm) is included in the AdminTemplates.exe file. This template provides the mechanisms to incorporate Microsoft Office 2007 System policies via the Microsoft Group Policy Editor (gpedit.msc).'

'Note - If the Microsoft Group Policy Editor (gpedit.msc) is not used to incorporate the remediation to this vulnerability the Microsoft Registry Editor (regedit.exe) may be used to create the registry key and value required.'

See Also

http://iase.disa.mil/stigs/app_security/office_auto/u_microsoft_office2007_v4r9_stig_20121026.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, CAT|II, Rule-ID|SV-18701r3_rule, STIG-ID|DTOO212, Vuln-ID|V-17581

Plugin: Windows

Control ID: 220f27ce25bd1cde25474d22b0e6a616f3c65510063fe371cbfcc4a02349b9c4