Always warn on untrusted macros must be enforced.

From Microsoft Outlook 2010 STIG

Part of DTOO276 - Security settings for macros

Associated with: CCI-001662

SV-33598r1_rule Always warn on untrusted macros must be enforced.

Vulnerability discussion

To protect users from dangerous code, the Outlook default configuration disables all macros that are not trusted, including unsigned macros, macros with expired or invalid signatures, and macros with valid signatures from publishers who are not on users' Trusted Publishers lists. The default configuration also allows macros that are signed by trusted publishers to run automatically without notifying users, which could allow dangerous code to run.

Check content

The policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2010 -> Security -> Trust Center “Security setting for macros” must be “Enabled (Always warn)”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\14.0\outlook\security Criteria: If the value Level is REG_DWORD = 2, this is not a finding.

Fix text

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2010 -> Security -> Trust Center “Security setting for macros” to “Enabled (Always warn)”.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer