Microsoft Word 2016 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The Save commands default file format must be configured.
This policy setting determines the default file format for saving files in Word. If you enable this policy setting, you can set the default file format from among the following options: - Word Docu...Rule Medium Severity -
SRG-APP-000210
Group -
Force encrypted macros to be scanned in open XML documents must be determined and configured.
This policy setting controls whether encrypted macros in Open XML documents be are required to be scanned with anti-virus software before being opened. If you enable this policy setting, you may ch...Rule Medium Severity -
SRG-APP-000112
Group -
Protection from zone elevation must be enforced.
Internet Explorer places restrictions on each web page users can use the browser to open. Web pages on a user's local computer have the fewest security restrictions and reside in the Local Machine ...Rule Medium Severity -
SRG-APP-000488
Group -
ActiveX Installs must be configured for proper restriction.
Microsoft ActiveX controls allow unmanaged, unprotected code to run on the user computers. ActiveX controls do not run within a protected container in the browser like the other types of HTML or Mi...Rule Medium Severity -
SRG-APP-000210
Group -
Files in unsafe locations must be opened in Protected View.
This policy setting determines whether files located in unsafe locations will open in Protected View. If unsafe locations have not been specified, only the "Downloaded Program Files" and "Temporary...Rule Medium Severity -
SRG-APP-000210
Group -
SRG-APP-000210
Group -
Attachments opened from Outlook must be in Protected View.
This policy setting allows for determining whether Word files in Outlook attachments open in Protected View. If enabling this policy setting, Outlook attachments do not open in Protected View. If d...Rule Medium Severity -
SRG-APP-000141
Group -
SRG-APP-000210
Group -
Online translation dictionaries must not be used.
This policy setting allows you to prevent online dictionaries from being used for the translation of text through the Research pane. If you enable or do not configure this policy setting, the onlin...Rule Medium Severity -
SRG-APP-000207
Group -
Word 2 and earlier binary documents and templates must be blocked for open/save.
This policy setting allows you to determine whether users can open, view, edit, or save Word files with the format specified by the title of this policy setting. If you enable this policy setting, ...Rule Medium Severity -
SRG-APP-000207
Group -
SRG-APP-000207
Group -
Word 6.0 binary documents and templates must be configured for block open/save actions.
This policy setting allows you to determine whether users can open, view, edit, or save Word files with the format specified by the title of this policy setting. If you enable this policy setting, ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.