Skip to content

Warning Bar settings for VBA macros must be configured.

An XCCDF Rule

Description

<VulnDiscussion>When users open files containing VBA macros, applications open the files with the macros disabled and display the Trust Bar with a warning that macros are present and have been disabled. Users may then enable these macros by clicking Options on the Trust Bar and selecting the option to enable them. Disabling or not configuring this setting may allow dangerous macros to become active on user computers or the network.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility>System Administrator</Responsibility><Responsibility>Information Assurance Officer</Responsibility><IAControls></IAControls>

ID
SV-53586r2_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Word 2013 -> Word Options -> Security -> Trust Center "VBA Macro Notification Settings"  to "Enabled (Disable all with notification)".