Details
To protect users from viruses and other harmful files, Outlook uses two levels of security, designated Level 1 and Level 2, to restrict access to files attached to email messages or other items. Potentially harmful files can be classified into these two levels by file type extension, with all other file types considered safe.
By default, Outlook completely blocks access to Level 1 files, and requires users to save Level 2 files to disk before opening them. If this configuration is changed, users will be able to open and execute potentially dangerous attachments, which can affect their computers or compromise the confidentiality, integrity, or availability of data.
Solution
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2013 -> Security -> Security Form Settings -> Attachment Security ‘Do not prompt about Level 1 attachments when closing an item’ to ‘Disabled’.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.
References
- 800-53|SC-18(1)
- CAT|II
- CCI|CCI-001662
- Rule-ID|SV-53976r2_rule
- STIG-ID|DTOO243
- Vuln-ID|V-17601