1.6.6.4 Ensure 'Scan Encrypted Macros in PowerPoint Open XML Presentations' is set to Enabled (Scan Encrypted Macros)

Information

This policy setting controls whether encrypted macros in Open XML presentations are required to be scanned with anti-virus software before being opened. The recommended state for this setting is: Enabled. (Scan Encrypted Macros) When an Office Open XML presentation is rights-managed or password-protected, any macros that are embedded in the presentation are encrypted along with the rest of the workbook's contents. By default, these encrypted macros will be disabled unless they are scanned by antivirus software immediately before being loaded. If this setting is Disabled, PowerPoint will not require encrypted macros to be scanned before loading. PowerPoint will handle them as specified by the Office System macro security settings, which can cause macro viruses to load undetected and lead to data loss or reduced application functionality.

Solution

To implement the recommended configuration state, set the following Group Policy setting to Enabled. User Configuration\Administrative Templates\Microsoft PowerPoint 2016\PowerPoint Options\Security\Scan Encrypted Macros in PowerPoint Open XML Presentations Impact: Enabling this setting enforces the default configuration in PowerPoint, and is therefore unlikely to cause usability issues for most users.

See Also

https://workbench.cisecurity.org/files/573

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3c.1.

Plugin: Windows

Control ID: feaeb164197c33a348d0c349aaa368e87938f1ab495c9ef46ed86e56907317c8