Looking for:
Microsoft Office System STIG
![](\"https://xsthekartinka.fun/ges21ds.jpeg\")
Microsoft Office System STIG Version 2, Release 1 Checklist Details (Checklist Revisions) NOTE. This is not the current revision of this Checklist, view the current revision. Supporting Resources: Download Standalone XCCDF – Office System STIG – Version 1, . Apr 25, · Check if Office is installed. DISA_STIG_Microsoft_Office_System__replace.me from DISA Microsoft Office System v2r1 STIG. DTOO – Documents must be configured to not open as Read Write when browsing. SYSTEM AND COMMUNICATIONS PROTECTION. DTOO – Relying on Vector . Microsoft Office System STIG Profiles. MAC-1_Classified I – Mission Critical Classified. MAC-1_Public I – Mission Critical Public. ☞ SVr3_rule The encryption type for password protected Office 97 thru Office must be set. V DTOOActiveX Control Initialization for Office.
[Microsoft office system 2013 stig free
This forum focus more on general questions of Office desktop applications, your question is mainly related to STIG. To better resolve it, I. Hi,. How are things going? I just checked in to see if there are any updates. Please feel free to feedback and if the reply is.
Microsoft Office System STIG – Microsoft Office System 2013 STIG
This policy setting controls whether Office applications load any custom user interface UI code included with a document or template. Office allows developers to extend the UI with customization code that is included in a document or template.
If this policy setting is enabled, Office applications cannot load any UI customization code included with documents and templates. If this policy setting is disabled or not configured, Office applications load any UI offic code included with a document or template when opening it, leaving the Office application susceptible to malicious code. Select the policy option for \”Disallow in Project\”. A malicious user might use ofice URL syntax to create a hyperlink that appears to open a legitimate website but actually opens a deceptive spoofed website.
This functionality can be controlled separately for instances of Internet Explorer spawned by Office applications for example, if a user clicks a link in an Office document or selects a menu option that loads a web page.
If user microsoft office system 2013 stig free and passwords in URLs are allowed, users could be diverted ссылка на страницу dangerous web pages, which would pose a microsoft office system 2013 stig free risk. Internet Explorer sgstem a number of safety checks before initializing an ActiveX control. It will not initialize a control if the kill bit for the control is set in the registry, or if the security settings for the zone in which the control is located do not allow it to be initialized.
A mucrosoft risk could occur if potentially dangerous controls are allowed to load. The Pop-up Blocker feature in Internet Explorer can be used to block most unwanted pop-up and pop-under windows from appearing. If the Pop-up Blocker is disabled, disruptive and potentially dangerous pop-up windows could load and present a security risk.
Internet Explorer add-ons are pieces of code, run in Internet Explorer, to provide additional functionality. Rogue add-ons may contain viruses or other malicious code. Disabling or not configuring this setting could allow malicious code or users to become active on user computers or the network. For example, a malicious user can monitor and then use keystrokes users type into Internet Explorer.
Even legitimate add-ons may demand resources, compromising the performance of Internet Explorer, and offfice operating systems for user computers. Internet Explorer places restrictions on each web page users can use the browser to open. Web pages on a user\’s local computer have the fewest security restrictions and reside in the Local Machine zone, making this security zone a prime target for malicious users and code.
Disabling or not configuring this setting could allow pages in the Internet zone to navigate to pages in the Local Machine zone to then run code to elevate microsoft office system 2013 stig free. This could allow malicious code or users to become active on user computers or the network.
Microsoft ActiveX controls allow unmanaged, unprotected code to run on the user computers. ActiveX controls microsoft office system 2013 stig free microsoft office plus 2013 confirmation code run within a protected container in the browser like the other types of Rree or Microsoft Silverlight-based controls.
Disabling or microsofy configuring this setting does not block prompts for ActiveX control installations ofdice these prompts display frre users.
This could allow malicious code to become active on user computers or the network. Microsoft office system 2013 stig free this setting allows websites to present file download prompts via nicrosoft without the user specifically initiating the download. User preferences may also allow the download to occur without prompting or interaction with the user.
Even if Internet Explorer prompts the user to accept the download, some websites abuse this functionality. Malicious websites may continually prompt users to читать далее a file or present confusing dialog boxes to trick users into downloading or думаю, kuyhaa adobe illustrator cc free download частенько a file.
If the download occurs and it contains malicious code, the code could become active on user computers or the network. Malicious websites often try to microsofy or trick users into giving a site permission to perform an action allowing the site vree take control of the users\’ computers in some manner. Systm or not configuring this setting allows unknown websites to: -Create browser windows appearing to be from the local operating system.
Office applications do not check the digital signature on application add-ins before opening them. Disabling or not configuring this setting may microsoft office system 2013 stig free an application to load a dangerous add-in.
As a result, malicious code could become active on user computers or the network. If an application is configured to require all add-ins to be signed by a trusted publisher, any unsigned add-ins the application mucrosoft will be disabled and the application will display the Trust Bar at the top of the active window.
The Trust Bar contains a message informing users about ssytem unsigned add-in. If a user is allowed to make the determination to allow an unsigned add-in, micgosoft increases the risk of malicious code being introduced onto the user\’s computer or the network. When users open files containing VBA macros, applications open microsoft office system 2013 stig free files with the macros disabled and displays the Trust Bar with a warning that macros are present and have been disabled.
Users may then enable these нажмите для деталей by clicking Options on the Здесь Bar and selecting the option to enable them.
Disabling or not configuring this setting may allow dangerous macros to become micrsooft on user computers or the network. Enabling this setting allows users to access Micrrosoft server websites and workspaces outside of the trusted Internet zone. As a result, malicious code could become active on user computers or the network to gain access to sensitive data.
In this situation, the site could attempt to capture personal information, such as passwords and user names. Toggle navigation. Version 1 Release 4 3.
Comments or proposed revisions to this document should be sent via e-mail systwm the following address: disa. Swap Versions Exit Compare Mode. Show: All Updated 14 Added 1 Removed 0. Vulnerabilities Project application must be prevented from loading any custom srig interface UI code. Finding ID. Target Key. Discussion This policy setting controls whether Office applications load any custom user interface UI code included with a document or template. Disabling of user name and password syntax from being used in URLs must ffree enforced.
The Internet Explorer Bind to Object functionality must be enabled. Discussion Internet Explorer performs a number of safety checks before initializing an ActiveX control.
Navigation to URLs embedded in Office products must be blocked. Links that invoke instances of Internet Explorer from within an Office product must be blocked.
Discussion The Officr Blocker продолжить in Internet Explorer can be used to block most unwanted pop-up and pop-under windows from appearing. Add-on Management functionality must fre allowed.
Discussion Internet Explorer add-ons are pieces of code, sttig in Internet Explorer, to provide additional functionality. Protection from zone elevation must be enforced. Discussion Internet Explorer places restrictions on each web page users can use the browser to open.
ActiveX Installs must be configured for proper restriction. Discussion Microsoft ActiveX controls allow unmanaged, unprotected code to run on the microsoft office system 2013 stig free computers. File Downloads must be configured for proper restrictions. Discussion Disabling this setting allows websites to present file download prompts via code without the user specifically initiating the download.
Scripted Window Security must be enforced. Discussion Malicious websites often try to confuse or trick users into giving a site permission to perform an action allowing the site to take control of the users\’ computers in some manner.
Add-ins to Office applications must be signed by a Trusted Publisher. Discussion Office applications do not check the digital signature on application add-ins before opening them. Trust Bar Notifications for unsigned application systeem must be blocked.
Discussion If an application is configured to require aystem add-ins to be signed by a trusted publisher, any unsigned add-ins the application microsoft office system 2013 stig free will be disabled and the application will microosoft the Trust Bar at the top of the active window.
Warning Bar settings for VBA macros must be configured. Discussion When users open files containing VBA macros, applications open the files with the macros disabled and displays the Trust Bar microsoft office system 2013 stig free a warning страница macros are present and have been disabled. Untrusted intranet zone access to Project servers must not be allowed.
Discussion Enabling this setting allows users to access Officr server websites and workspaces outside of the trusted Internet zone. Vaulted is more than a library. Http://replace.me/24251.txt 1 Release 2 on V1 R2 on Version 1 Release 1.
