Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Microsoft Office System 2016 Security Technical Implementation Guide
SRG-APP-000516
Smart Documents use of Manifests in Office must be disallowed.
Smart Documents use of Manifests in Office must be disallowed.
An XCCDF Rule
Details
Profiles
Prose
Smart Documents use of Manifests in Office must be disallowed.
Medium Severity
<VulnDiscussion>This policy setting controls whether Office 2016 applications can load an XML expansion pack manifest file with a Smart Document. An XML expansion pack is the group of files that constitutes a Smart Document in Excel and Word. You package one or more components that provide the logic needed for a Smart Document by using an XML expansion pack. These components can include any type of file, including XML schemas, Extensible Stylesheet Language Transforms (XSLTs), dynamic-link libraries (DLLs), and image files, as well as additional XML files, HTML files, Word files, Excel files, and text files. The key component to building an XML expansion pack is creating an XML expansion pack manifest file. By creating this file, you specify the locations of all files that make up the XML expansion pack, as well as information that instructs Office 2016 how to set up the files for your Smart Document. The XML expansion pack can also contain information about how to set up some files, such as how to install and register a COM object required by the XML expansion pack. If you enable this policy setting, Office 2016 applications cannot load XML expansion packs with Smart Documents. If you disable or do not configure this policy setting, Office 2016 applications can load an XML expansion pack manifest file with a Smart Document.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>