Microsoft Office System 2010 STIG
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Automatic receiving of small updates to improve reliability must be disallowed.
<VulnDiscussion>Office Diagnostics is used to improve the user experience by periodically downloading a small file to the computer with updat...Rule Medium Severity -
DTOO193 - Automation Security
<GroupDescription></GroupDescription>Group -
DTOO203 - Legacy Format signatures
<GroupDescription></GroupDescription>Group -
Legacy format signatures must be enabled.
<VulnDiscussion>Office applications use the XML–based XMLDSIG format to attach digital signatures to documents, including Office 97-2003 bina...Rule Medium Severity -
DTOO192 - Load controls for forms3
<GroupDescription></GroupDescription>Group -
Load controls in forms3 must be disabled from loading.
<VulnDiscussion>ActiveX controls are Component Object Model (COM) objects and have unrestricted access to users' computers. ActiveX controls ...Rule Medium Severity -
DTOO179 - Open as Read/Write when browsing
<GroupDescription></GroupDescription>Group -
Documents must be configured to not open as Read Write when browsing.
<VulnDiscussion>Office document on a Web server using Internet Explorer, the appropriate application opens the file in read-only mode. Howeve...Rule Medium Severity -
DTOO199 - Permissions on managed content
<GroupDescription></GroupDescription>Group -
Changing permissions on rights managed content for users must be enforced.
<VulnDiscussion>This setting controls whether Office 2010 users can change permissions for content that is protected with Information Rights ...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.