Microsoft Excel 2010
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Pre-release versions of file formats new to Office Products must be blocked.
The Microsoft Office Compatibility Pack for Excel 2010 File Formats installed can open Office Open XML files saved with pre-release versions of Excel 2010. Excel Open XML files usually have the fol...Rule Medium Severity -
DTOO133-Disable all trusted locations
Group -
Corrupt workbook options must be disallowed.
This setting controls whether Excel presents users with a list of data extraction options before beginning an Open and Repair operation when users choose to open a corrupt workbook in repair or ext...Rule Medium Severity -
DTOO142 - Force Scan Encr. Macros in open XML
Group -
DTOO134 - Trusted locations on computer
Group -
Disallowance of Trusted Locations on the network must be enforced.
Files located in Trusted Locations and specified in the Trust Center are assumed to be safe. Content, code, and add-ins are allowed to load from Trusted Locations with minimal security and without ...Rule Medium Severity -
DTOO139 - Save files default format
Group -
DTOO146-Disable Trust access to VB Project Macros
Group -
Trust access for VBA must be disallowed.
VSTO projects require access to the Visual Basic for Applications project system in Excel, PowerPoint, and Word, even though the projects do not use Visual Basic for Applications. Design-time suppo...Rule Medium Severity -
DTOO304 - VBA Macro Warning settings
Group -
DTOO119 - Turn off file validation
Group -
DTOO143 - Force File Extension to match type
Group -
DTOO138 - Internet and Network Path hyperlinks
Group -
DTOO140 - Disable AutoRepublish
Group -
DTOO150 - Automatic Link Updates
Group -
DTOO141 - AutoRepublish Warning Alert
Group -
DTOO152 - Load pics from Web not in Excel
Group -
DTOO145 - Store macro in workbook
Group -
DTOO126 - Add-on Management
Group -
DTOO209 - Zone Elevation Protection
Group -
DTOO211 - Restrict ActiveX Install
Group -
DTOO132 - Restrict File Download
Group -
DTOO124 - Scripted Window Security
Group -
DTOO127 - Add-ins are signed by Trusted Publisher
Group -
DTOO128 - Data Execution Prevention
Group -
DTOO118 - Do not show data extraction options
Group -
DTOO113 - Macrosheets and add-in files
Group -
DTOO114 - Excel 2 worksheets
Group -
DTOO115 - Excel 3 macrosheets and add-in files
Group -
DTOO116 - Excel 3 worksheets
Group -
DTOO105 - Excel 4 macrosheets and add-in files
Group -
DTOO106 - Excel 4 workbooks
Group -
DTOO107 - Excel 4 worksheets
Group -
DTOO108 - Excel 95 workbooks
Group -
DTOO109 - Excel 95-97 workbooks and templates
Group -
DTOO110 - Set default file block behavior
Group -
DTOO120 -Web pages and Excel 2003 XML spreadsheets
Group -
DTOO121 - Files from the Internet zone
Group -
DTOO288 - Files in unsafe locations
Group -
Document behavior if file validation fails must be set.
This policy key controls the behavior of how Office documents should be handled when failing File Validation. The options available are: -Block files completely. This will prevent users from openin...Rule Medium Severity -
DTOO293 - Turn off Protected View for attachments
Group -
Attachments opened from Outlook must be in Protected View.
This policy setting allows for determining if Excel files in Outlook attachments open in Protected View. If enabling this policy setting, Outlook attachments do not open in Protected View. If disab...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.