DTOO119 - Configuration for file validation must be enforced.

Information

Office File Validation helps detect and prevent a kind of exploit known as a file format attack or file fuzzing attack. File format attacks exploit the integrity of a file. They occur when someone modifies the structure of a file with the intent of adding malicious code. Usually the malicious code is run remotely and is used to elevate the privilege of restricted accounts on the computer. As a result, an attacker could gain access to a computer that they did not previously have access to. This could enable an attacker to read sensitive information from the computer's hard disk drive or install malware, such as a worm or a key logging program. The Office File Validation feature helps prevent file format attacks by scanning and validating files before they are opened. To validate files, Office File Validation compares a file's structure to a predefined file schema, which is a set of rules that determine what a readable file looks like. If Office File Validation detects that a file's structure does not follow all rules that are described in the schema, the file does not pass validation.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Word 2013 -> Word Options -> Security 'Turn off file validation' to 'Disabled'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Word_2010_V1R12_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-18(3), CAT|II, CCI|CCI-001695, Rule-ID|SV-242831r960921_rule, STIG-ID|DTOO119, STIG-Legacy|SV-53559, STIG-Legacy|V-26592, Vuln-ID|V-242831

Plugin: Windows

Control ID: 6b7ae7d3f519f67477699b35e9411043d3fe061bfafcedc228abaa95381d6a02