2.3.27.19 Ensure 'Suppress hyperlink warnings' is set to 'Disabled'

Information

This policy setting controls whether Office applications notify users about unsafe hyperlinks. Links that Office considers unsafe include links to executable files, TIFF files, and Microsoft Document Imaging (MDI) files. Other unsafe links are those that use protocols considered to be unsafe such as javascript.

The recommended state for this setting is: Disabled.

Rationale:

Unsafe hyperlinks are links that might pose a security risk if users click them. Clicking an unsafe link could compromise the security of sensitive information or harm the computer.

Links that Office considers unsafe include links to executable files, TIFF files, and Microsoft Document Imaging (MDI) files. Other unsafe links are those that use protocols considered to be unsafe, including msn, nntp, mms, outlook, and stssync.

By default, Office applications notify users about unsafe hyperlinks and disable them until users enable them.

Impact:

This setting does not alter the default configuration and therefore is unlikely to provide any usability concerns.

Solution

To establish the recommended configuration via GP, set the following UI path to Disabled:

User Configuration\Administrative Templates\Microsoft Office 2016\Security Settings\Suppress Hyperlink Warnings

Default Value:

Disabled.

See Also

https://workbench.cisecurity.org/benchmarks/12129

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3c.1.

Plugin: Windows

Control ID: ff1c72e346638c3a03e55b498a1f3edb807bb5090bc4c17bb576a87a174e652c