DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked.

Information

If an application is configured to require all add-ins to be signed by a trusted publisher, any unsigned add-ins the application loads will be disabled and the application will display the Trust Bar at the top of the active window. The Trust Bar contains a message informing users about the unsigned add-in. If a user is allowed to make the determination to allow an unsigned add-in, it increases the risk of malicious code being introduced onto the user's computer or the network.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Word 2013 -> Word Options -> Security -> Trust Center 'Disable Trust Bar Notification for unsigned application add-ins and block them' to 'Enabled'.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Word_2010_V1R12_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-5(3), CAT|II, CCI|CCI-001749, Rule-ID|SV-242838r960954_rule, STIG-ID|DTOO131, STIG-Legacy|SV-53566, STIG-Legacy|V-17187, Vuln-ID|V-242838

Plugin: Windows

Control ID: 3ec71848d4eb06a415cdf50239ead633a7d09b951572431708eabe452415e886