STIGQter: STIG Summary: Microsoft Office System 2013 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

Users must be prevented from using or inserting apps that come from the Office Store.

DISA Rule

SV-228553r508020_rule

Vulnerability Number

V-228553

Group Title

SRG-APP-000131

Rule Version

DTOO413

Severity

CAT II

CCI(s)

• CCI-001749 - The information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization.

Weight

10

Fix Recommendation

Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2013 >> Security Settings >> Trust Center >> Trusted Catalogs "Block the Office Store" to "Enabled".

Check Contents

Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2013 >> Security Settings >> Trust Center >> Trusted Catalogs "Block the Office Store" is set to "Enabled".

Use the Windows Registry Editor to navigate to the following HKCU\Software\Policies\Microsoft\Office\15.0\wef\trustedcatalogs

If the value 'disableomexcatalogs' is REG_DWORD = 1, this is not a finding.

Vulnerability Number

V-228553

Documentable

False

Rule Version

DTOO413

Severity Override Guidance

Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2013 >> Security Settings >> Trust Center >> Trusted Catalogs "Block the Office Store" is set to "Enabled".

Use the Windows Registry Editor to navigate to the following HKCU\Software\Policies\Microsoft\Office\15.0\wef\trustedcatalogs

If the value 'disableomexcatalogs' is REG_DWORD = 1, this is not a finding.

Check Content Reference

M

Target Key

4227

Comments