DTOO193 – Automation Security to enforce macro level security in Office documents must be configured.

Details

When a separate program is used to launch Microsoft Office Excel, PowerPoint, or Word programmatically, any macros can run in the programmatically opened application without being blocked. This functionality could allow an attacker to use automation to run malicious code in Excel, PowerPoint, or Word.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Office 2013 -> Security Settings ‘Automation Security’ to ‘Enabled (Use application macro security level)’.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_OfficeSystem_2013_V2R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.

References

800-53|SC-18(4)
CAT|II
CCI|CCI-001170
Rule-ID|SV-228545r557514_rule
STIG-ID|DTOO193
STIG-Legacy|SV-52730
STIG-Legacy|V-17741
Vuln-ID|V-228545

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles