Details
This policy setting controls whether Outlook blocks potentially dangerous attachments designated Level 1. Outlook uses two levels of security to restrict users’ access to files attached to e-mail messages or other items. Files with specific extensions can be categorized as Level 1 (users cannot view the file) or Level 2 (users can open the file after saving it to disk). Users can freely open files of types that are not categorized as Level 1 or Level 2. If you enable this policy setting, Outlook users can gain access to Level 1 file type attachments by first saving the attachments to disk and then opening them, as with Level 2 attachments. If you disable this policy setting, Level 1 attachments do not display under any circumstances. If you do not configure this policy setting, Outlook completely blocks access to Level 1 files, and requires users to save Level 2 files to disk before opening them.
Solution
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2016 -> Security -> Security Form Settings -> Attachment Security ‘Display Level 1 attachments’ to ‘Disabled’.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.
References
- 800-53|SC-18(1)
- CAT|II
- CCI|CCI-001662
- Rule-ID|SV-228440r508021_rule
- STIG-ID|DTOO240
- STIG-Legacy|SV-85783
- STIG-Legacy|V-71159
- Vuln-ID|V-228440