Database functionality configurations must be displayed to the user.
An XCCDF Rule
Description
<VulnDiscussion>This policy setting controls how Access notifies users about untrusted components. If you enable this policy setting, when users attempt to open an untrusted Access database that contains user-programmed executable components, users see a dialog box where they then must choose whether to enable or disable the components before they can work with the database. If you disable or do not configure this policy setting, when users open an untrusted Access database that contains user-programmed executable components, Access opens the database with the components disabled and displays the Message Bar with a warning that database content has been disabled. Users can inspect the contents of the database, but cannot use any disabled functionality until they enable it by clicking Options on the Message Bar and selecting the appropriate action. </VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-85569r1_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Access 2016 -> Tools \ Security "Modal Trust Decision Only" to "Disabled".