Microsoft Outlook 2010 STIG
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Active X One-Off forms must be configured.
<VulnDiscussion>Third-party ActiveX controls are not allowed to run in one-off forms in Outlook. You can change this behavior so that Safe Co...Rule Medium Severity -
DTOO246 - Scripts in One-Off Forms
<GroupDescription></GroupDescription>Group -
Scripts in One-Off Outlook forms must be disallowed.
<VulnDiscussion>Malicious code can be included within Outlook forms, and such code could be executed when users open the form. By default, O...Rule Medium Severity -
DTOO273 - Block Trusted Zones
<GroupDescription></GroupDescription>Group -
IE Trusted Zones assumed 'trusted' must be blocked.
<VulnDiscussion>Malicious users can send HTML e-mail messages with embedded Web beacons, which are pictures and other content from external s...Rule Medium Severity -
DTOO236 - Add-In Trust Level
<GroupDescription></GroupDescription>Group -
The Add-In Trust Level must be configured.
<VulnDiscussion>Under normal circumstances the installed COM add-ins are applications that have been approved and intentionally deployed by t...Rule Medium Severity -
DTOO250 - Object Model Prompt for Address Book
<GroupDescription></GroupDescription>Group -
Object Model Prompt behavior for programmatic address books must be configured.
<VulnDiscussion>If an untrusted application accesses the address book, the application could gain access to sensitive data and potentially ch...Rule Medium Severity -
DTOO241 - Demote Attachments to Level 2
<GroupDescription></GroupDescription>Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules