Details
If the Microsoft Save as PDF or XPS Add-in for Microsoft Office Programs is installed, document properties are saved as metadata when users save or publish files using the PDF or XPS commands in Access 2013, Excel 2013, InfoPath 2013, PowerPoint 2013, and Word 2013 using the PDF or XPS or Publish. If this metadata contains sensitive information, saving it with the file could compromise security.
Solution
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Office 2013 -> Microsoft Save As PDF and XPS add-ins ‘Disable inclusion of document properties in PDF and XPS output’ to ‘Enabled’.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.
References
- 800-53|CM-6b.
- CAT|II
- CCI|CCI-000366
- Rule-ID|SV-228522r508020_rule
- STIG-ID|DTOO206
- STIG-Legacy|SV-52753
- STIG-Legacy|V-17660
- Vuln-ID|V-228522