The Add-In Trust Level must be configured.

From Microsoft Outlook 2010 STIG

Part of DTOO236 - Add-In Trust Level

Associated with: CCI-001170

SV-33932r1_rule The Add-In Trust Level must be configured.

Vulnerability discussion

Under normal circumstances the installed COM add-ins are applications that have been approved and intentionally deployed by the organization and therefore they should not pose a security threat. However, if malware has infected systems it is possible that the malware will use the COM add-in feature to perform unauthorized actions. This setting enforces the default configuration, and therefore is unlikely to cause significant usability issues for most users.

Check content

The policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2010 -> Security “Configure Add-In Trust Level” must be set to “Enabled (Trust all loaded and installed COM addins)”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\14.0\outlook\security Criteria: If the value AddinTrust is REG_DWORD = 1, this is not a finding.

Fix text

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2010 -> Security “Configure Add-In Trust Level” to “Enabled (Trust all loaded and installed COM addins)”.

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer