Trust access for VBA must be disallowed.

From Microsoft Access 2016 STIG

Part of DTOO304 - VBA Macro Warning settings

Associated with: CCI-000381

SV-85577r1_rule Trust access for VBA must be disallowed.

Vulnerability discussion

VSTO projects require access to the Visual Basic for Applications project system in Excel, PowerPoint, and Word, even though the projects do not use Visual Basic for Applications. Design-time support of controls in both Visual Basic and C# projects depends on the Visual Basic for Applications project system in Word and Excel. By default, Excel, Word, and PowerPoint do not allow automation clients to have programmatic access to VBA projects. Users can enable this by selecting the Trust access to the VBA project object model in the Macro Settings section of the Trust Center. However, doing so allows macros in any documents the user opens to access the core Visual Basic objects, methods, and properties, which represents a potential security hazard.

Check content

Fix text

Set policy value for User Configuration -> Administrative Templates -> Microsoft Access 2016 -> Application Settings -> Security -> Trust Center -> "VBA macro Notification Settings" must be set to "Enabled: Disable all with notification".

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer