2.3.27.10 Ensure 'Disable all Trust Bar notifications for security issues' is set to 'Disabled'

Information

This policy setting controls whether Office applications notify users when potentially unsafe features or content are detected, or whether such features or content are silently disabled without notification.

The recommended state for this setting is: Disabled.

Rationale:

The Message Bar in Office applications is used to identify security issues, such as unsigned macros or potentially unsafe add-ins. When such issues are detected, the application disables the unsafe feature or content and displays the Message Bar at the top of the active window. The Message Bar informs the users about the nature of the security issue and, in some cases, provides the users with an option to enable the potentially unsafe feature or content, which could harm the user's computer.

Impact:

This setting does not modify the default configuration, and therefore is unlikely to cause any usability issues.

Solution

To establish the recommended configuration via GP, set the following UI path to Disabled:

User Configuration\Administrative Templates\Microsoft Office 2016\Security Settings\Disable all Trust Bar notifications for security issues

Default Value:

Disabled. (The user can change this behavior by default.)

See Also

https://workbench.cisecurity.org/benchmarks/12129

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3c.2.

Plugin: Windows

Control ID: 83b14d3abde76d0ee5d43a88f242ee50b51898eb1b7b942360a50e4b3fc8cbc4