Files downloaded from the Internet must be opened in Protected view in Word.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-223402 | O365-WD-000003 | SV-223402r961086_rule | CCI-001662 | medium |
| Description | ||||
| This policy setting allows you to determine if files downloaded from the Internet zone open in Protected View. If you enable this policy setting, files downloaded from the Internet zone do not open in Protected View. If you disable or do not configure this policy setting, files downloaded from the Internet zone open in Protected View. | ||||
| STIG | Date | |||
| Microsoft Office 365 ProPlus Security Technical Implementation Guide | 2025-03-05 | |||
Related Frameworks
2 paths across 2 frameworks
Related Frameworks
NIST 800-531 mapping
SC-18(1)
1.00
- DISA · 3 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI1 mapping
CCI-001662
1.00
- DISA · 3 · disa_xccdf · related
Details
Check Text (C-223402r961086_chk)
Verify the policy setting, User Configuration >> Administrative Templates >> Microsoft Word 2016 >> Word Options >> Security >> Trust Center >> Protected View >> Do not open files from the Internet zone in Protected View is set to "Disabled".
Use the Windows Registry Editor to navigate to the following key:
HKCU\software\policies\microsoft\office\16.0\word\security\protectedview
If the value for disableinternetfilesinpv is REG_DWORD = 0, this is not a finding. If the value does not exist, this is not a finding.
If the value is REG_DWORD = 1, this is a finding.
Fix Text (F-25063r442426_fix)
Set the policy setting, User Configuration >> Administrative Templates >> Microsoft Word 2016 >> Word Options >> Security >> Trust Center >> Protected View >> Do not open files from the Internet zone in Protected View to "Disabled".