DTOO419 - Corrupt workbook options must be disallowed.

Information

This setting controls whether Excel presents users with a list of data extraction options before beginning an Open and Repair operation when users choose to open a corrupt workbook in repair or extract mode. A corrupt Excel file may be indicative of malicious tampering. By allowing the automatic handling of corrupt spreadsheets, malicious code may be introduced to the user's computer and the network.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Excel 2013 -> Data Recovery -> 'Do not show data extraction options when opening corrupt workbooks' to 'Enabled'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Excel_2013_V1R8_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-18(1), CAT|II, CCI|CCI-001662, Rule-ID|SV-242374r961086_rule, STIG-ID|DTOO419, STIG-Legacy|SV-53843, STIG-Legacy|V-41346, Vuln-ID|V-242374

Plugin: Windows

Control ID: dc1bf05b19ccb91b93a064613039447797405f8aa0924cda7b529c7919f2024c