1.6 Set 'Apply macro security settings to macros, add- ins and additional actions' to 'Enabled'

Information

This policy setting controls whether Outlook also applies the macro security settings to
installed COM add-ins and additional actions.
If you enable this policy setting, the macro security settings will also be applied to add-ins
and additional actions.
If you disable or do not configure this policy setting, Outlook does not use the macro
security settings to determine whether to run macros, installed COM add-ins, and
additional actions. The recommended state for this setting is- Enabled.


*Rationale*

Attackers can insert malicious code into add-ins and smart tags in an attempt to affect your
computing environment. By default, COM add-ins and smart tags are not subject to the
same security restrictions as installed macros.

Solution

To implement the recommended configuration state, set the following Group Policy setting
to Enabled.

User Configuration\Administrative Templates\Microsoft Outlook 2010\Security\Trust
Center\Apply macro security settings to macros, add-ins and additional actions

Impact-When this setting is Enabled and a strong security level is chosen for macros, add-ins and
smart tags will run under greater security restrictions. This configuration might have an
impact on users that use add-ins and smart tags.

See Also

https://workbench.cisecurity.org/files/530

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3a.

Plugin: Windows

Control ID: 4e979598c4dc026eb28ecdfba775240a379c6d86dc27e32552ed45c341036ec1