2.5.14.3.1.4 Ensure 'Do not prompt about Level 1 attachments when sending an item' is set to 'Disabled'

Information

This policy setting controls whether Outlook displays a warning before sending an item that contains an unsafe attachment that will be blocked when the item is opened by a recipient.

The recommended state for this setting is: Disabled.

Rationale:

To protect users from viruses and other harmful files, Outlook uses two levels of security, designated Level 1 and Level 2, to restrict access to files attached to e-mail messages or other items. Outlook completely blocks access to Level 1 files by default, and requires users to save Level 2 files to disk before opening them. Potentially harmful files can be classified into these two levels by file type extension, with all other file types considered safe.

By default, when users attempt to send an item to which a level 1 file has been attached, Outlook warns them that the message contains a potentially unsafe attachment and that the recipient might not be able to access it. If this configuration is changed, Outlook will not display the warning when users send such items, which can cause users to lose access to important data.

Impact:

None - this is the default behavior.

Important: For this setting to apply, the Outlook Security Mode setting must be enabled in User Configuration\Administrative Templates\Microsoft Outlook 2016\Security\Security with Use Outlook Security Group Policy selected, as set in this benchmark.

Solution

To establish the recommended configuration via GP, set the following UI path to Disabled:

User Configuration\Administrative Templates\Microsoft Outlook 2016\Security\Security Form Settings\Attachment Security\Do not prompt about Level 1 attachments when sending an item

Default Value:

Disabled. (When users attempt to send an item to which a level 1 file has been attached, Outlook warns them that the message contains a potentially unsafe attachment and that the recipient might not be able to access it.)

See Also

https://workbench.cisecurity.org/benchmarks/12129

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3, 800-53|SI-8

Plugin: Windows

Control ID: bae5823ca4e1ccba559a94357e9ee3ba1c67743c4b65cc84a3ff891cc292596a