Windows Server 2019 must preserve zone information when saving attachments.

An XCCDF Rule

Details
Profiles

Description

Attachments from outside sources may contain malicious code. Preserving zone of origin (Internet, intranet, local, restricted) information on file attachments allows Windows to determine risk.

ID: SV-205924r991589_rule
Version: WN19-UC-000010
Severity: Medium
References: CCI-000366
Updated: 6 days ago

Remediation Templates

The default behavior is for Windows to mark file attachments with their zone information.

If this needs to be corrected, configure the policy value for User Configuration >> Administrative Templates >> Windows Components >> Attachment Manager >> "Do not preserve zone information in file attachments" to "Not Configured" or "Disabled".

Windows Server 2019 must preserve zone information when saving attachments.

Description

Remediation Templates

A Manual Procedure