From Microsoft Office System 2013 STIG
Part of DTOO200 - Allow users to read with browsers
Associated with: CCI-002165
The Windows Rights Management Add-on for Internet Explorer provides a way for users who do not use the 2013 Office release to view, but not alter, files with restricted permissions. By default, IRM-enabled files are saved in a format that cannot be viewed by using the Windows Rights Management Add-on. If this setting is enabled, an embedded rights-managed HTML version of the content is saved with each IRM-enabled file, which can be viewed in Internet Explorer using the add-on, representing the risk of documents being read by those without the rights and not intended to have access to the document.
Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2013 >> Manage Restricted Permissions "Allow users with earlier versions of Office to read with browsers" is set to "Disabled". Use the Windows Registry Editor to navigate to the following hive: HKEY_Users For every users profile hive under HKEY_Users, navigate to the following key: \Software\Policies\Microsoft\Office\15.0\common\drm If the value “IncludeHTML” is REG_DWORD = 0, this is not a finding.
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Office 2013 -> Manage Restricted Permissions "Allow users with earlier versions of Office to read with browsers" to "Disabled".
Lavender hyperlinks in small type off to the right (of CSS
class id
, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle
or
Accept: application/rdf+xml
.
Powered by sagemincer