2.26.2 Ensure 'Disable The Office Client From Polling The SharePoint Server For Published Links' is set to Enabled

Information

This policy setting controls whether Office applications can poll Office servers to retrieve lists of published links. Note - This policy setting applies to Microsoft SharePoint Server specifically. It does not apply to Microsoft SharePoint Foundation. The recommended state for this setting is: Enabled. By default, users of Office applications can see and use links to Microsoft Office SharePoint Server sites from those applications. Administrators configure published links to Office applications during initial deployment, and can add or change links as part of regular operations. These links appear on the My SharePoint Sites tab of the Open, Save, and Save As dialog boxes when opening and saving documents from these applications. Links can be targeted so that they only appear to users who are members of particular audiences. If a malicious person gains access to the list of published links, they could modify the links to point to unapproved sites, which could make sensitive data vulnerable to exposure.

Solution

To implement the recommended configuration state, set the following Group Policy setting to Enabled. User Configuration\Administrative Templates\Microsoft Office 2016\Server Settings\Disable The Office Client From Polling The SharePoint Server For Published Links Impact: If this setting is Enabled, users will not be able to use the list of published links to open and save files directly from within Office applications, which could hinder the use of SharePoint Server for document collaboration. Note This setting applies to Microsoft Office SharePoint Server specifically. It does not apply to Windows SharePoint Services (WSS).

See Also

https://workbench.cisecurity.org/files/571

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b.

Plugin: Windows

Control ID: f047201c1b8e6c9bf092d6a55e3ae6bd3f77fb98bfa2effd70859a463af260d2