Details
This policy setting allows you to determine if users can open, view, or edit Excel files. The recommended state for this setting is: Enabled. (Blocked files are not opened) By default, users can open, view, or edit a large number of file types in Excel. Some file types are safer than others, as some could allow malicious code to become active on user computers or the network. For this reason, disabling or not configuring this setting could allow malicious code to become active on user computers or the network.
Solution
To implement the recommended configuration state, set the following Group Policy setting to Enabled. User ConfigurationAdministrative TemplatesMicrosoft Excel 2016Excel OptionsSecurityTrust CenterFile Block SettingsSet Default File Block Behavior Impact: Enabling this setting prevents users from opening, viewing, or editing certain types of files in Excel. Productivity in your organization could be affected if users who require access to any of these file types cannot access them.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Windows.