Capacity
CCI-001170
Prevents the automatic execution of mobile code in organization-defined software applications.
1
Rule
Severity: Medium
Adobe Reader DC must enable Enhanced Security in a Standalone Application.
1
Rule
Severity: Medium
Adobe Reader DC must enable Enhanced Security in a Browser.
1
Rule
Severity: Medium
Adobe Reader DC must enable Protected Mode.
1
Rule
Severity: Medium
Adobe Reader DC must enable Protected View.
1
Rule
Severity: Medium
Adobe Reader DC must Block Websites.
1
Rule
Severity: Medium
Adobe Reader DC must block access to Unknown Websites.
1
Rule
Severity: Medium
Adobe Reader DC must prevent opening files other than PDF or FDF.
1
Rule
Severity: Medium
Adobe Reader DC must block Flash Content.
2
Rule
Severity: Medium
The Mainframe Product must prevent the automatic execution of mobile code in, at a minimum, office applications, browsers, email clients, mobile code run-time environments, and mobile agent systems.
5
Rule
Severity: Medium
Disabling of user name and password syntax from being used in URLs must be enforced.
10
Rule
Severity: Medium
Saved from URL mark to assure Internet zone processing must be enforced.
10
Rule
Severity: Medium
Navigation to URLs embedded in Office products must be blocked.
1
Rule
Severity: Medium
The Saved from URL mark must be selected to enforce Internet zone processing in PowerPoint.
4
Rule
Severity: Medium
All automatic loading from trusted locations must be disabled.
4
Rule
Severity: Medium
Disallowance of trusted locations on the network must be enforced.
3
Rule
Severity: Medium
The scanning of encrypted macros in open XML documents must be enforced.
1
Rule
Severity: Medium
The ability to run programs from a PowerPoint presentation must be disallowed.
2
Rule
Severity: Medium
Attachments opened from Outlook must be in Protected View.
1
Rule
Severity: Medium
Disabling of user name and password syntax from being used in URLs must be enforced in PowerPoint Viewer.
1
Rule
Severity: Medium
The Saved from URL mark must be selected to enforce Internet zone processing in PowerPoint Viewer.
1
Rule
Severity: Medium
Navigation to URLs embedded in Office products must be blocked in PowerPoint Viewer.
4
Rule
Severity: Medium
Macros must be blocked from running in Office files from the Internet.
2
Rule
Severity: Medium
Navigation to URLs embedded in Office products must be blocked in PowerPoint.
2
Rule
Severity: Medium
Files in unsafe locations must be opened in Protected View.
4
Rule
Severity: Medium
Document behavior if file validation fails must be set.
4
Rule
Severity: Medium
Files on local Intranet UNC must be opened in Protected View.
1
Rule
Severity: Medium
Untrusted intranet zone access to Project servers must not be allowed.
1
Rule
Severity: Medium
Force encrypted macros to be scanned in open XML documents must be determined and configured.
8
Rule
Severity: Medium
Files in unsafe locations must be opened in Protected View.
6
Rule
Severity: Medium
Document behavior if file validation fails must be set.
1
Rule
Severity: Medium
The automatically update links feature must be disabled.
1
Rule
Severity: Medium
Online translation dictionaries must not be used.
9
Rule
Severity: Medium
Disabling of user name and password syntax from being used in URLs must be enforced.
9
Rule
Severity: Medium
Saved from URL mark to assure Internet zone processing must be enforced.
8
Rule
Severity: Medium
Navigation to URL's embedded in Office products must be blocked.
9
Rule
Severity: Medium
Data Execution Prevention must be enforced.
10
Rule
Severity: Medium
Navigation to URLs embedded in Office products must be blocked.
6
Rule
Severity: Medium
All automatic loading from Trusted Locations must be disabled.
4
Rule
Severity: Medium
Force encrypted macros to be scanned in open XML documents must be determined and configured.
1
Rule
Severity: Medium
Disallowance of Trusted Locations on the network must be enforced.
1
Rule
Severity: Medium
Microsoft Defender AV must be configured to disable local setting override for reporting to Microsoft MAPS.
1
Rule
Severity: Medium
Microsoft Defender AV must be configured to join Microsoft MAPS.
1
Rule
Severity: Medium
Microsoft Defender AV must be configured to only send safe samples for MAPS telemetry.
1
Rule
Severity: Medium
Microsoft Defender AV must be configured to not allow override of behavior monitoring.
1
Rule
Severity: Medium
Microsoft Defender AV must be configured to enable behavior monitoring.
1
Rule
Severity: Medium
Microsoft Defender AV must be configured to turn on e-mail scanning.
1
Rule
Severity: Medium
Microsoft Defender AV must be configured to block executable content from email client and webmail.
1
Rule
Severity: Medium
Microsoft Defender AV must be configured block Office applications from creating child processes.
1
Rule
Severity: Medium
Microsoft Defender AV must be configured block Office applications from creating executable content.
1
Rule
Severity: Medium
Microsoft Defender AV must be configured to block Office applications from injecting into other processes.
1
Rule
Severity: Medium
Microsoft Defender AV must be configured to impede JavaScript and VBScript to launch executables.
1
Rule
Severity: Medium
Microsoft Defender AV must be configured to block execution of potentially obfuscated scripts.
1
Rule
Severity: Medium
Microsoft Defender AV must be configured to block Win32 imports from macro code in Office.
1
Rule
Severity: Medium
Microsoft Defender AV must be configured to prevent user and apps from accessing dangerous websites.
2
Rule
Severity: Medium
Macro storage must be in personal macro workbooks.
2
Rule
Severity: Medium
Internet links and Network UNCs created as embedded hyperlinks must be prevented.
1
Rule
Severity: Medium
Load pictures from Web pages must be disallowed.
1
Rule
Severity: Medium
Macro storage must be in Personal macro workbooks.
5
Rule
Severity: Medium
Attachments opened from Outlook must be in Protected View.
8
Rule
Severity: Medium
The Saved from URL mark must be selected to enforce Internet zone processing.
2
Rule
Severity: Medium
All automatic loading from trusted locations must be disabled.
1
Rule
Severity: Medium
The scanning of encrypted macros in open XML documents must be enforced.
2
Rule
Severity: Medium
Disallowance of trusted locations on the network must be enforced.
1
Rule
Severity: Medium
The loading of images from web pages must not be allowed.
1
Rule
Severity: Medium
Macro storage must be in personal macro workbooks.
1
Rule
Severity: Medium
Excel attachments opened from Outlook must be in Protected View.
2
Rule
Severity: Medium
Macros must be blocked from running in Office 2013 files from the Internet.
2
Rule
Severity: Medium
Excel attachments opened from Outlook must be in Protected View.
1
Rule
Severity: Medium
Email with InfoPath forms must be configured to show UI to recipients.
1
Rule
Severity: Medium
Dynamic caching of InfoPath eMail forms must be disabled.
2
Rule
Severity: Medium
Disabling of email forms from the Full Trust Security Zone must be configured.
2
Rule
Severity: Medium
Disabling email forms from the Internet Security Zone must be configured.
2
Rule
Severity: Medium
Disabling email forms running in Restricted Security Level must be configured.
2
Rule
Severity: Medium
Disabling the opening of solutions from the Internet Security Zone must be configured.
1
Rule
Severity: Medium
Disabling sending form templates with the email forms must be configured.
1
Rule
Severity: Medium
InfoPath 2003 forms as email forms in InfoPath 2010 must be disallowed.
1
Rule
Severity: Medium
Unsafe file types must be prevented from being attached to InfoPath forms.
1
Rule
Severity: Medium
InfoPath must be enforced to not use e-mail forms from the Intranet security zone.
1
Rule
Severity: Medium
InfoPath e-mail forms in Outlook must be disallowed.
1
Rule
Severity: Medium
Disabling opening forms with managed code from the Internet security zone must be configured.
1
Rule
Severity: Medium
Email with InfoPath forms must be configured to show UI to recipients.
1
Rule
Severity: Medium
Disable dynamic caching of the form template in InfoPath eMail forms.
1
Rule
Severity: Medium
Disabling sending form templates with the email forms must be configured.
1
Rule
Severity: Medium
InfoPath 2003 forms as email forms in InfoPath 2013 must be disallowed.
1
Rule
Severity: Medium
Unsafe file types must be prevented from being attached to InfoPath forms.
1
Rule
Severity: Medium
InfoPath must be enforced to not use email forms from the Intranet security zone.
1
Rule
Severity: Medium
InfoPath email forms in Outlook must be disallowed.
1
Rule
Severity: Medium
Disabling opening forms with managed code from the Internet security zone must be configured.
2
Rule
Severity: Medium
Documents must be configured to not open as Read Write when browsing.
1
Rule
Severity: Medium
Relying on Vector markup Language (VML) for displaying graphics in browsers must be disallowed.
2
Rule
Severity: Medium
Automation Security to enforce macro level security in Office documents must be configured.
1
Rule
Severity: Medium
The ability to create an online presentation programmatically must be disabled.
1
Rule
Severity: Medium
ActiveX One-Off forms must be configured.
2
Rule
Severity: Medium
Scripts in One-Off Outlook forms must be disallowed.
2
Rule
Severity: Medium
The Add-In Trust Level must be configured.
2
Rule
Severity: Medium
Outlook Object Model scripts must be disallowed to run for public folders.
2
Rule
Severity: Medium
Outlook Object Model scripts must be disallowed to run for shared folders.
2
Rule
Severity: Medium
Users customizing attachment security settings must be prevented.
2
Rule
Severity: Medium
Automation Security to enforce macro level security in Office documents must be configured.
2
Rule
Severity: Medium
The ability to create an online presentation programmatically must be disabled.
1
Rule
Severity: Medium
Vector markup Language (VML) for displaying graphics in browsers must be disallowed.
1
Rule
Severity: Medium
Customer-submitted templates downloads from Office.com must be disallowed.
1
Rule
Severity: Medium
Disable user name and password syntax from being used in URLs
1
Rule
Severity: Medium
Active X One-Off forms must be configured.
1
Rule
Severity: Medium
Outlook Object Model scripts must be disallowed to run for shared folders.
1
Rule
Severity: Medium
Outlook Object Model scripts must be disallowed to run for public folders.
1
Rule
Severity: Medium
ActiveX One-Off forms must be configured.
1
Rule
Severity: Medium
The Add-In Trust Level must be configured.
1
Rule
Severity: Medium
Users customizing attachment security settings must be prevented.
1
Rule
Severity: Medium
Scripts in One-Off Outlook forms must be disallowed.
1
Rule
Severity: Medium
Disabling of user name and password syntax from being used in URLs must be enforced in PowerPoint.
1
Rule
Severity: Medium
The Saved from URL mark must be selected to enforce Internet zone processing in PowerPoint.
1
Rule
Severity: Medium
Enforce encrypted macros to be scanned in open XML documents must be determined and configured.
3
Rule
Severity: Medium
Disallowance of Trusted Locations on the network must be enforced.
2
Rule
Severity: Medium
The ability to run programs from a PowerPoint presentation must be disallowed.
1
Rule
Severity: Medium
Disabling of user name and password syntax from being used in URLs must be enforced in PowerPoint Viewer.
1
Rule
Severity: Medium
The Saved from URL mark must be selected to enforce Internet zone processing in PowerPoint Viewer.
2
Rule
Severity: Medium
The Publisher Automation Security Level must be configured for high security.
1
Rule
Severity: Medium
The Saved from URL mark must be selected to enforce Internet zone processing
1
Rule
Severity: Medium
Navigation to URLs embedded in Office products must be blocked in PowerPoint Viewer.
2
Rule
Severity: Medium
Untrusted intranet zone access to Project servers must not be allowed.
1
Rule
Severity: Medium
The Publisher Automation Security Level must be configured for high security.
1
Rule
Severity: Medium
The automatically update links feature must be disabled.
1
Rule
Severity: Medium
Online translation dictionaries must not be used.
1
Rule
Severity: Medium
Macros must be blocked from running in Office 2013 files from the Internet.
1
Rule
Severity: Medium
The automatically update links feature must be configured as off.
1
Rule
Severity: Medium
Online translation dictionaries must be in use.
1
Rule
Severity: Medium
Extensions that are approved for use must be allowlisted.
2
Rule
Severity: Medium
URLs must be allowlisted for Autoplay use.
1
Rule
Severity: Medium
The Initialize and script ActiveX controls not marked as safe property must be disallowed (Internet zone).
1
Rule
Severity: Medium
Prevent per-user installation of ActiveX controls must be enabled.
1
Rule
Severity: Medium
The Initialize and script ActiveX controls not marked as safe must be disallowed (Intranet Zone).
1
Rule
Severity: Medium
The Initialize and script ActiveX controls not marked as safe must be disallowed (Trusted Sites Zone).
1
Rule
Severity: Medium
The Initialize and script ActiveX controls not marked as safe property must be disallowed (Restricted Sites zone).
1
Rule
Severity: Medium
ActiveX controls marked safe for scripting must be disallowed (Restricted Sites zone).
1
Rule
Severity: Medium
Software must be disallowed to run or install with invalid signatures.
3
Rule
Severity: Medium
The Macro Runtime Scan Scope must be enabled for all documents.
3
Rule
Severity: Medium
Macros in all Office applications that are opened programmatically by another application must be opened based upon macro security level.
3
Rule
Severity: Medium
User name and password must be disabled in all Office programs.
3
Rule
Severity: Medium
Navigate URL must be enabled in all Office programs.
3
Rule
Severity: Medium
The Save from URL feature must be enabled in all Office programs.
3
Rule
Severity: Medium
Trusted Locations on the network must be disabled in Excel.
3
Rule
Severity: Medium
Updating of links in Excel must be prompted and not automatic.
3
Rule
Severity: Medium
Scan of encrypted macros in Excel Open XML workbooks must be enabled.
3
Rule
Severity: Medium
Macros must be blocked from running in Excel files from the Internet.
3
Rule
Severity: Medium
Files from unsafe locations must be opened in Excel in Protected View mode.
3
Rule
Severity: Medium
Files failing file validation must be opened in Excel in Protected view mode and disallow edits.
3
Rule
Severity: Medium
File attachments from Outlook must be opened in Excel in Protected mode.
1
Rule
Severity: Medium
ActiveX controls without prompt property must be used in approved domains only (Internet zone).
1
Rule
Severity: Medium
ActiveX controls without prompt property must be used in approved domains only (Restricted Sites zone).
3
Rule
Severity: Medium
Scripts associated with public folders must be prevented from execution in Outlook.
3
Rule
Severity: Medium
Scripts associated with shared folders must be prevented from execution in Outlook.
3
Rule
Severity: Medium
Active X One-Off forms must only be enabled to load with Outlook Controls.
3
Rule
Severity: Medium
Outlook must be configured to not run scripts in forms in which the script and the layout are contained within the message.
3
Rule
Severity: Medium
Trusted Locations on the network must be disabled in Project.
3
Rule
Severity: Medium
The ability to run programs from PowerPoint must be disabled.
3
Rule
Severity: Medium
Encrypted macros in PowerPoint Open XML presentations must be scanned.
3
Rule
Severity: Medium
File validation in PowerPoint must be enabled.
3
Rule
Severity: Medium
Macros from the Internet must be blocked from running in PowerPoint.
3
Rule
Severity: Medium
If file validation fails, files must be opened in Protected view in PowerPoint with ability to edit disabled.
3
Rule
Severity: Medium
The use of network locations must be ignored in PowerPoint.
3
Rule
Severity: Medium
Trusted Locations on the network must be disabled in Visio.
3
Rule
Severity: Medium
Macros must be blocked from running in Visio files from the Internet.
3
Rule
Severity: Medium
In Word, encrypted macros must be scanned.
3
Rule
Severity: Medium
In Word, macros must be blocked from running, even if Enable all macros is selected in the Macro Settings section of the Trust Center.
3
Rule
Severity: Medium
Trusted Locations on the network must be disabled in Word.
4
Rule
Severity: Medium
The operating system must disable information system functionality that provides the capability for automatic execution of code on mobile devices without user direction.
2
Rule
Severity: Medium
The system must restrict the ability of users to assume excessive privileges to members of a defined group and prevent unauthorized users from accessing administrative tools.
1
Rule
Severity: Low
Extensions that are approved for use must be allowlisted.
Patternfly
PatternFly elements
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Modules