Free DISA STIG and SRG Library | Vaulted
Removed

V-223336

Macros must be blocked from running in Excel files from the Internet.

Finding ID
O365-EX-000027
Rule ID
SV-223336r508019_rule
Severity
Cat II
CCE
(None)
Group Title
SRG-APP-000210
CCI
CCI-001170
Target Key
(None)
Documentable
No
Discussion

This policy setting allows you to block macros from running in Office files that come from the Internet. If you enable this policy setting, macros are blocked from running, even if “Enable all macros” is selected in the Macro Settings section of the Trust Center. Also, instead of having the choice to “Enable Content”, users will receive a notification that macros are blocked from running. If the Office file is saved to a trusted location or was previously trusted by the user, macros will be allowed to run. If you disable or do not configure this policy setting, the settings configured in the Macro Settings section of the Trust Center determine whether macros run in Office files that come from the Internet.

Fix Text

Set policy value for User Configuration >> Administrative Templates >> Microsoft Excel 2016 >> Excel Options >> Security >> Trust Center >> Block macros from running in Office files from the Internet to "Enabled".

Check Content

Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Excel 2016 >> Excel Options >> Security >> Trust Center >> Block macros from running in Office files from the Internet is set to "Enabled". Use the Windows Registry Editor to navigate to the following key: HKCU\software\policies\microsoft\office\16.0\excel\security If the value blockcontentexecutionfrominternet is REG_DWORD = 1, this is not a finding.