SV-53355r1_rule
V-17764
DTOO160 - Unsafe File Attachments in InfoPath
DTOO160
CAT II
10
Set the policy value for User Configuration -> Administrative Templates -> Microsoft InfoPath 2013 -> Security -> "Prevent users from allowing unsafe file types to be attached to forms" to "Enabled".
The policy value for User Configuration -> Administrative Templates -> Microsoft InfoPath 2013 -> Security -> "Prevent users from allowing unsafe file types to be attached to forms" must be set to "Enabled".
Procedure: Use the Windows Registry Editor to navigate to the following key:
HKCU\Software\Policies\Microsoft\Office\15.0\InfoPath\security
Criteria: If the value DisallowAttachmentCustomization is REG_DWORD = 1, this is not a finding.
V-17764
False
DTOO160
The policy value for User Configuration -> Administrative Templates -> Microsoft InfoPath 2013 -> Security -> "Prevent users from allowing unsafe file types to be attached to forms" must be set to "Enabled".
Procedure: Use the Windows Registry Editor to navigate to the following key:
HKCU\Software\Policies\Microsoft\Office\15.0\InfoPath\security
Criteria: If the value DisallowAttachmentCustomization is REG_DWORD = 1, this is not a finding.
M
Information Assurance Officer
2479