Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Microsoft Office 365 ProPlus Security Technical Implementation Guide
SRG-APP-000488
SRG-APP-000488
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
SRG-APP-000488
1 Rule
<GroupDescription></GroupDescription>
Flash player activation must be disabled in all Office programs.
Medium Severity
<VulnDiscussion>This policy setting controls whether the Adobe Flash control can be activated by Office documents. Note that activation blocking applies only within Office processes. If you enable this policy setting, you can choose from three options to control whether and how Flash is blocked from activation: 1. "Block all activation" prevents the Flash control from being loaded, whether directly referenced by the document or indirectly by another embedded object. 2. "Block embedding/linking, allow other activation" prevents the Flash control from being loaded when directly referenced by the document, but does not prevent activation through another object. 3. "Allow all activation" restores Office's default behavior, allowing the Flash control to be activated. Because this setting is not a true Group Policy setting and "tattoos" the registry, enabling the "Allow all activation" option is the only way to restore default behavior after either of the "Block" options has been applied. It is not recommended to configure this setting to "Disabled" or "Not Configured" after it has been enabled.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>