Hardening Microsoft Office 2016
Download ACSC Protect Hardening Microsoft Office 2016 (1MB PDF), December 2016
Published December 2016
Workstations are often targeted by an adversary using malicious webpages, emails with malicious attachments and removable media with malicious content in an attempt to extract sensitive information. Hardening the applications used on workstations is an important part of reducing this risk.
This document provides guidance on hardening Microsoft Office 2016 – specifically Microsoft Excel 2016, Microsoft PowerPoint 2016 and Microsoft Word 2016. Before implementing the recommendations in this document, thorough testing should be undertaken to ensure the potential for unintended negative impacts on business processes is reduced as much as possible.
This document is intended for information technology and information security professionals within organisations looking to undertake risk assessments or vulnerability assessments as well as those wishing to develop a hardened standard operating environment for workstations
Table of contents
- High priorities
- Microsoft Office configuration
- Microsoft Office macros
- Microsoft Office patching
- Medium severity issues
- Extension handling
- File type blocking
- Hidden markup
- Office file validation
- Protected view
- Trusted documents
- Low priorities
- Reporting information
Australian government customers with questions regarding this advice can contact ASD Advice and Assistance.
Australian businesses and other private sector organisations seeking further information should contact CERT Australia.