Details
This policy setting controls whether Office 2010 applications can poll Office servers to
retrieve lists of published links. If you enable this policy setting, Office 2010 applications
cannot poll an Office server for published links. If you disable or do not configure this
policy setting, users of Office 2010 applications can see and use links to Microsoft
SharePoint Server sites from those applications. You can configure published links to Office
applications during initial deployment, and can add or change links as part of regular
operations. These links appear on the My SharePoint Sites tab of the Open, Save, and Save
As dialog boxes when opening and saving documents from these applications. Links can be
targeted so that they only appear to users who are members of particular audiences. Note –
This policy setting applies to Microsoft SharePoint Server specifically. It does not apply to
Microsoft SharePoint Foundation. The recommended state for this setting is- Enabled.
*Rationale*
By default, users of Office 2010 applications can see and use links to Microsoft Office
SharePoint Server sites from those applications. Administrators configure published links
to Office applications during initial deployment, and can add or change links as part of
regular operations. These links appear on the My SharePoint Sites tab of the Open, Save,
and Save As dialog boxes when opening and saving documents from these applications.
Links can be targeted so that they only appear to users who are members of particular
audiences. If a malicious person gains access to the list of published links, they could
modify the links to point to unapproved sites, which could make sensitive data vulnerable
to exposure.
Solution
To implement the recommended configuration state, set the following Group Policy setting
to Enabled.
User ConfigurationAdministrative TemplatesMicrosoft Office 2010Server
SettingsDisable the Office client from polling the SharePoint Server for published
links
Impact-If this setting is Enabled, users will not be able to use the list of published links to open and
save files directly from within Office 2010 applications, which could hinder the use of
SharePoint Server for document collaboration. Note This setting applies to Microsoft Office
SharePoint Server specifically. It does not apply to Windows SharePoint Services (WSS).
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.