All automatic loading from Trusted Locations must be disabled.

From Microsoft InfoPath 2010 STIG

Part of DTOO133-Disable all trusted locations

Associated with: CCI-001170

SV-33860r2_rule All automatic loading from Trusted Locations must be disabled.

Vulnerability discussion

Trusted locations specified in the Trust Center are used to define file locations assumed to be safe. Content, code, and add-ins are allowed to load from trusted locations with a minimal amount of security, without prompting the users for permission. If a dangerous file is opened from a trusted location, it will not be subject to standard security measures and could harm users' computers or data. By default, files located in trusted locations (those specified in the Trust Center) are assumed to be safe.

Check content

The policy value for User Configuration -> Administrative Templates -> Microsoft InfoPath 2010 -> Security -> Trust Center “Disable all trusted locations” must be set to “Enabled”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\14.0\infopath\security\trusted locations Criteria: If the value AllLocationsDisabled is REG_DWORD = 1, this is not a finding.

Fix text

Set the policy value for User Configuration -> Administrative Templates -> Microsoft InfoPath 2010 -> Security -> Trust Center “Disable all trusted locations” to “Enabled”.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer