Microsoft Office System 2010 STIG
Rules, Groups, and Values defined within the XCCDF Benchmark
-
DTOO191-ActiveX Control Initialization for Office
Group -
ActiveX control initialization must be disabled.
ActiveX controls can adversely affect a computer directly. In addition, malicious code can be used to compromise an ActiveX control and attack a computer. To indicate the safety of an ActiveX contr...Rule Medium Severity -
Blogging entries created from inside Office products must be configured for Sharepoint only.
The blogging feature in Office products enables users to compose blog entries and post them to their blogs directly from Office, without using any additional software. By default, users can post bl...Rule Medium Severity -
The Customer Experience Improvement Program for Office must be disabled.
When users choose to participate in the Customer Experience Improvement Program (CEIP), Office applications automatically send information to Microsoft about how the applications are used. This inf...Rule Medium Severity -
The Help Improve Proofing Tools feature for Office must be configured.
The Help Improve Proofing Tools feature collects data about use of the Proofing Tools, such as additions to the custom dictionary, and sends it to Microsoft. After about six months, the feature sto...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules