1.12 Set 'Disable the Office client from polling the SharePoint Server for published links' to 'Enabled'

Information

This policy setting controls whether Office 2010 applications can poll Office servers to
retrieve lists of published links. If you enable this policy setting, Office 2010 applications
cannot poll an Office server for published links. If you disable or do not configure this
policy setting, users of Office 2010 applications can see and use links to Microsoft
SharePoint Server sites from those applications. You can configure published links to Office
applications during initial deployment, and can add or change links as part of regular
operations. These links appear on the My SharePoint Sites tab of the Open, Save, and Save
As dialog boxes when opening and saving documents from these applications. Links can be
targeted so that they only appear to users who are members of particular audiences. Note -
This policy setting applies to Microsoft SharePoint Server specifically. It does not apply to
Microsoft SharePoint Foundation. The recommended state for this setting is- Enabled.

*Rationale*

By default, users of Office 2010 applications can see and use links to Microsoft Office
SharePoint Server sites from those applications. Administrators configure published links
to Office applications during initial deployment, and can add or change links as part of
regular operations. These links appear on the My SharePoint Sites tab of the Open, Save,
and Save As dialog boxes when opening and saving documents from these applications.
Links can be targeted so that they only appear to users who are members of particular
audiences. If a malicious person gains access to the list of published links, they could
modify the links to point to unapproved sites, which could make sensitive data vulnerable
to exposure.

Solution

To implement the recommended configuration state, set the following Group Policy setting
to Enabled.

User Configuration\Administrative Templates\Microsoft Office 2010\Server
Settings\Disable the Office client from polling the SharePoint Server for published
links

Impact-If this setting is Enabled, users will not be able to use the list of published links to open and
save files directly from within Office 2010 applications, which could hinder the use of
SharePoint Server for document collaboration. Note This setting applies to Microsoft Office
SharePoint Server specifically. It does not apply to Windows SharePoint Services (WSS).

See Also

https://workbench.cisecurity.org/files/530

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b.

Plugin: Windows

Control ID: 2757d526dd870fcd73c7cc19f6aecdeff39d317a5cb5fcad3980635a8f298cb3