Microsoft Word 2016 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Scripted Window Security must be enforced.
Malicious websites often try to confuse or trick users into giving a site permission to perform an action allowing the site to take control of the users' computers in some manner. Disabling or not ...Rule Medium Severity -
Add-ins to Office applications must be signed by a Trusted Publisher.
This policy setting controls whether add-ins for this applications must be digitally signed by a trusted publisher. If you enable this policy setting, this application checks the digital signature ...Rule Medium Severity -
Trust Bar Notifications for unsigned application add-ins must be blocked.
This policy setting controls whether the specified Office application notifies users when unsigned application add-ins are loaded or silently disable such add-ins without notification. This policy ...Rule Medium Severity -
File Downloads must be configured for proper restrictions.
Disabling this setting allows websites to present file download prompts via code without the user specifically initiating the download. User preferences may also allow the download to occur without...Rule Medium Severity -
All automatic loading from trusted locations must be disabled.
This policy setting allows administrators to disable all trusted locations in the specified applications. Trusted locations specified in the Trust Center are used to define file locations that are ...Rule Medium Severity -
Trust access for VBA must be disallowed.
This policy setting controls whether automation clients such as Microsoft Visual Studio 2005 Tools for Microsoft Office (VSTO) can access the Visual Basic for Applications project system in the spe...Rule Medium Severity -
Document behavior if file validation fails must be set.
This policy setting controls how Office handles documents when they fail file validation. If you enable this policy setting, you can configure the following options for files that fail file validat...Rule Medium Severity -
The automatically update links feature must be disabled.
When users open documents Word automatically updates any links to external content, such as graphics, Excel worksheets, and PowerPoint slides. To disable automatic updating, the user can click the ...Rule Medium Severity -
Warning Bar settings for VBA macros must be configured.
This policy setting controls how the specified applications warn users when Visual Basic for Applications (VBA) macros are present. If you enable this policy setting, you can choose from four optio...Rule Medium Severity -
Word 2000 binary documents and templates must be configured to edit in protected view.
This policy setting allows you to determine whether users can open, view, edit, or save Word files with the format specified by the title of this policy setting. If you enable this policy setting, ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.