Details

Malicious code is often spread through e-mail. Some viruses have the ability to send copies of themselves to other people in the victim’s Address Book or Contacts list, and such potentially harmful files can affect the computers of unwary recipients.

Solution

Set the policy value for User Configuration >> Administrative Templates >> Microsoft Outlook 2013 >> Security >> Security Form Settings >> Attachment Security ‘Remove file extensions blocked as Level 1’ to ‘Disabled’.

Supportive Information

The following resource is also helpful.

• https://iasecontent.disa.mil/stigs/zip/U_MS_Outlook_2013_V1R13_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.

References

• 800-53|SC-18(1)
• CAT|II
• CCI|CCI-001662
• Rule-ID|SV-55898r2_rule
• STIG-ID|DTOO244
• Vuln-ID|V-17774

Source

• Tenable.com/audits