DTOO244 - Level 1 file extensions must be blocked and not removed.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

This policy setting controls which types of attachments (determined by file extension) Outlook prevents from being delivered. Outlook uses two levels of security to restrict users' access to files attached to e-mail messages or other items. Files with specific extensions can be categorized as Level 1 (users cannot view the file) or Level 2 (users can open the file after saving it to disk). Users can freely open files of types that are not categorized as Level 1 or Level 2. If you enable this policy setting, you can specify the removal of file type extensions as that Outlook classifies as Level 1--that is, to be blocked from delivery--by entering them in the text field provided separated by semicolons. If you disable or do not configure this policy setting, Outlook classifies a number of potentially harmful file types (such as those with .exe, .reg, and .vbs extensions) as Level 1 and blocks files with those extensions from being delivered. Important: This policy setting only applies if the 'Outlook Security Mode' policy setting under 'Microsoft Outlook 2016\Security\Security Form Settings' is configured to 'Use Outlook Security Group Policy.'

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2016 -> Security -> Security Form Settings -> Attachment Security 'Remove file extensions blocked as Level 1' to 'Disabled'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Outlook_2016_V2R1_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-18(3), CAT|II, CCI|CCI-001662, Rule-ID|SV-228441r508021_rule, STIG-ID|DTOO244, STIG-Legacy|SV-85785, STIG-Legacy|V-71161, Vuln-ID|V-228441

Plugin: Windows

Control ID: d53aa3ab08ebf8443e0a160f1c94f433c2ee3074f4855cfe10f061e82fc95c83