STIGQter: STIG Summary: Microsoft InfoPath 2013 STIG Version: 1 Release: 5 Benchmark Date: 27 Apr 2018:

Redirection behavior for upgraded web sites by SharePoint must be blocked.

DISA Rule

SV-53337r1_rule

Vulnerability Number

V-17576

Group Title

DTOO157 - SharePoint Services Gradual Upgrade

Rule Version

DTOO157

Severity

CAT II

CCI(s)

• CCI-001242 - The organization configures malicious code protection mechanisms to perform real-time scans of files from external sources at endpoints as the files are downloaded, opened, or executed in accordance with organizational security policy.

Weight

10

Fix Recommendation

Set the policy value for User Configuration -> Administrative Templates -> Microsoft InfoPath 2013 -> Security -> "Control behavior for Microsoft SharePoint Foundation gradual upgrade" to "Enabled (Block all redirections)".

Check Contents

The policy value for User Configuration -> Administrative Templates -> Microsoft InfoPath 2013 -> Security -> "Control behavior for Microsoft SharePoint Foundation gradual upgrade" must be set to "Enabled (Block all redirections)".

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\15.0\InfoPath\security

Criteria: If the value GradualUpgradeRedirection is REG_DWORD = 2, this is not a finding.

Vulnerability Number

V-17576

Documentable

False

Rule Version

DTOO157

Severity Override Guidance

The policy value for User Configuration -> Administrative Templates -> Microsoft InfoPath 2013 -> Security -> "Control behavior for Microsoft SharePoint Foundation gradual upgrade" must be set to "Enabled (Block all redirections)".

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\15.0\InfoPath\security

Criteria: If the value GradualUpgradeRedirection is REG_DWORD = 2, this is not a finding.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

2479

Comments