Details
This policy setting allows you to determine whether users can open, view, edit, or save Excel files with the format specified by the title of this policy setting. The recommended state for this setting is: Enabled. (Open/Save blocked, use open policy) DIF and SYLK are text-only file formats that are used to exchange data between different applications, such as Excel. If a vulnerability is discovered that affects these kinds of files, you can use this setting to protect your organization against attacks by temporarily preventing users from opening files in these formats until a security patch is available. By default, users can open DIF (.dif) and SYLK (.slk) files in Excel.
Solution
To implement the recommended configuration state, set the following Group Policy setting to Enabled. User ConfigurationAdministrative TemplatesMicrosoft Excel 2016Excel OptionsSecurityTrust CenterFile Block SettingsDif and Sylk Files Impact: Enabling this setting will prevent users from viewing or editing DIF and SYLK files in Excel. If your users must work with business-critical files of these types, enabling this setting could cause significant disruptions. Users who do not work with DIF or SYLK files will likely not be affected by this setting.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Windows.