Details

This policy setting controls whether Excel presents users with a list of data extraction options before beginning an Open and Repair operation when users choose to open a corrupt workbook in repair or extract mode. If you enable this policy setting, Excel opens the file using the Safe Load process and does not prompt users to choose between repairing or extracting data. If you disable or do not configure this policy setting, Excel prompts the user to select either to repair or to extract data, and to select either to convert to values or to recover formulas.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Excel 2016 -> Data Recovery -> ‘Do not show data extraction options when opening corrupt workbooks’ to ‘Enabled’.

Supportive Information

The following resource is also helpful.

• https://iasecontent.disa.mil/stigs/zip/U_MS_Excel_2016_V1R2_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.

References

• 800-53|SC-18(1)
• CAT|II
• CCI|CCI-001662
• Rule-ID|SV-85661r1_rule
• STIG-ID|DTOO419
• Vuln-ID|V-71037

Source

• Tenable.com/audits