Back to Blog
Office excel 20136/15/2023 The Save commands default file format must be configured. Open/Save actions for Excel 4 worksheets must be blocked. Enabling block of the specified format mitigates zero-day security attacks (which are. This setting specifies whether users can open, view, edit, or save files saved in the specified format. Open/Save actions for Excel 4 workbooks must be blocked. For example, if a comma-separated values (CSV) file named example.csv is renamed example.xls, Excel can properly load it as. A number of changes might need to be made to allow the.įile types must be configured to provide mismatch warningsĮxcel can load files with extensions that do not match the files' type. The AutoRepublish warning alert must be provided.ĪutoRepublish is a feature in Excel allowing workbooks to be automatically republished to the World Wide Web each time the workbook is saved. If an Excel workbook contains links to other documents and users are not prompted to approve them, the contents of the workbook might change without the users' knowledge because the linked files. The Update of automatic links setting must be configured to prompt user before allowing links to be updated. If users choose to publish Excel data to a static web page and enable the AutoRepublish feature, Excel saves a copy of the data to the web page every time the user saves the workbook. This functionality can be controlled separately for instances of Internet Explorer spawned by.Īutomatic republish to web pages must be disallowed. To protect users from attacks, Internet Explorer usually does not attempt to load malformed URLs. Navigation to URLs embedded in Office products must be blocked. This functionality can be controlled separately for instances of. The "Pop-up Blocker" feature in Internet Explorer can be used to block most unwanted pop-up and pop-under windows from appearing. Links that invoke instances of Internet Explorer from within an Office product must be blocked. If an application is configured to require all add-ins to be signed by a trusted publisher, any unsigned add-ins the application loads will be disabled and the application will display the Trust. Trust Bar Notifications for unsigned application add-ins must be blocked. Findings (MAC III - Administrative Sensitive) Finding ID
0 Comments
Read More
Leave a Reply. |