Document Information panel Beaconing must show UI.
An XCCDF Rule
Description
<VulnDiscussion>For controlling whether users see a security warning when they open custom Document Information Panels that contain a Web beaconing threat. Web beacons can be used to contact an external server when users open forms. Information could be gathered by the form, or information entered by users could be sent to an external server and cause them to be vulnerable to additional attacks.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility>System Administrator</Responsibility><Responsibility>Information Assurance Officer</Responsibility><IAControls></IAControls>
- ID
- SV-33458r1_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Office 2010 -> Document Information Panel “Document Information Panel Beaconing UI” to “Enabled (Always show UI)”.