2.6.6.6.2.2.2 Ensure 'Do not open files in unsafe locations in Protected View' is set to 'Disabled'

Information

This policy setting determines if files located in unsafe locations will open in Protected View.

The recommended state for this setting is: Disabled.

Rationale:

Opening files located in unsafe locations that do not require Protected View could lead to malicious code executing on a user's computer or the network.

Note: If a specified unsafe location(s) is not configured, the 'Downloaded Program Files' and 'Temporary Internet Files' folders are considered unsafe locations.

Impact:

Some functionality is not available when files are opened in Protected View. In such cases, users must move the files from unsafe locations to save locations in order to access them with full functionality.

Solution

To establish the recommended configuration via GP, set the following UI path to Disabled.

User Configuration\Administrative Templates\Microsoft PowerPoint 2016\PowerPoint Options\Security\Trust Center\Protected View\Do not open files in unsafe locations in Protected View

Default Value:

Disabled. (Files located in unsafe locations open in Protected View.)

See Also

https://workbench.cisecurity.org/benchmarks/12129

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-18(4)

Plugin: Windows

Control ID: 0596dff8abdefdac2b6fe98d4fdb31493e5d596f5def2763e8752213bc9a5f4d