Start >
Office >
Word >
Word Unsafe Locations In Beveiligde Weergave
BIO 12.02.01
Word Unsafe Locations In Beveiligde Weergave
π
2025-10-30
β’
β±οΈ 4 minuten lezen
β’
π΄ Must-Have
π₯ Download
π Bookmark
π€ Share
πΌ Management Samenvatting
Word van unsafe locations (downloads, temp) β Beveiligde weergave.
Implementatie
1u (tech: 0.5u)
Van toepassing op:
β Word
Unsafe locations is high malware risk. Beveiligde weergave is sandbox.
PowerShell Modules Vereist
Primary API: Intune / GPO
Connection: Registry
Required Modules:
Implementatie
Beveiligde weergave unsafe locations: Policy. EFFECT: Downloads β Beveiligde weergave.
Vereisten
Word
Implementatie
Intune: Word Beveiligde weergave β Unsafe locations is ingeschakeld
Monitoring
Gebruik PowerShell-script unsafe-locations-protected-view-enabled.ps1 (functie Invoke-Monitoring) β Controleren.
Verify ingeschakeld
Compliance en Auditing
DISA STIG
BIO 12.02
Gebruik PowerShell-script unsafe-locations-protected-view-enabled.ps1 (functie Invoke-Remediation) β Herstellen.
Compliance & Frameworks
BIO: 12.02.01 - Bescherming tegen malware
Automation
Gebruik het onderstaande PowerShell script om deze security control te monitoren en te implementeren. Het script bevat functies voor zowel monitoring (-Monitoring) als remediation (-Remediation).
<
.SYNOPSIS
Dwingt Protected View voor onveilige locaties in Word
.DESCRIPTION
CIS O365-WD-000004
.NOTES
Registry: HKCU:\Software\Policies\Microsoft\Office\16 .0 \WORD\Security, unsafelocationsprotectedviewenabled = 1
param ([switch ]$Monitoring , [switch ]$Remediation , [switch ]$Revert , [switch ]$WhatIf )
$RegistryPath = "HKCU:\Software\Policies\Microsoft\Office\16 .0 \WORD\Security"; $ValueName = "unsafelocationsprotectedviewenabled"; $ExpectedValue = 1 ; $ControlID = "O365-WD-000004 "
function Test-Compliance { try { if (-not(Test-Path $RegistryPath )) { return $false }; $c = Get-ItemProperty -Path $RegistryPath -Name $ValueName -ErrorAction SilentlyContinue; return ($c -and $c .$ValueName -eq $ExpectedValue ) }catch { return $false } }
function Invoke-Monitoring { Write-Host "Monitoring ${ControlID}" -ForegroundColor Green; try { if (-not(Test-Path $RegistryPath )) { Write-Host "β Non-compliant" -ForegroundColor Red; return $false }; $c = Get-ItemProperty -Path $RegistryPath -Name $ValueName -ErrorAction SilentlyContinue; if ($c -and $c .$ValueName -eq $ExpectedValue ) { Write-Host "β Compliant" -ForegroundColor Green; return $true }else { Write-Host "β Non-compliant" -ForegroundColor Red; return $false } }catch { Write-Host "β Fout" -ForegroundColor Red; return $false } }
function Invoke-Remediation { Write-Host "Remediating ${ControlID}" -ForegroundColor Yellow; try { if ($WhatIf ) { Write-Host "WhatIf" -ForegroundColor Cyan; return $true }; if (-not(Test-Path $RegistryPath )) { New-Item -Path $RegistryPath -Force | Out-Null }; Set-ItemProperty -Path $RegistryPath -Name $ValueName -Value $ExpectedValue -Type DWord -Force; Write-Host "β Ingesteld" -ForegroundColor Green; Start-Sleep -Seconds 1 ; return Invoke-Monitoring }catch { Write-Host "β Fout" -ForegroundColor Red; return $false } }
function Invoke-Revert { Write-Host "Reverting ${ControlID}" -ForegroundColor Yellow; try { if ($WhatIf ) { Write-Host "WhatIf" -ForegroundColor Cyan; return $true }; if (Test-Path $RegistryPath ) { Remove-ItemProperty -Path $RegistryPath -Name $ValueName -ErrorAction SilentlyContinue; Write-Host "β Verwijderd" -ForegroundColor Green }; return $true }catch { Write-Host "β Fout" -ForegroundColor Red; return $false } }
try { if ($Monitoring ) { exit $(if (Invoke-Monitoring) { 0 }else { 1 }) }elseif ($Remediation ) { exit $(if (Invoke-Remediation) { 0 }else { 1 }) }elseif ($Revert ) { exit $(if (Invoke-Revert) { 0 }else { 1 }) }else { Write-Host "Gebruik: .\unsafe-locations-protected-view-enabled.ps1 [-Monitoring] [-Remediation] [-Revert] [-WhatIf]" -ForegroundColor Yellow } }catch { Write-Host "β Fout" -ForegroundColor Red; exit 1 }
Risico zonder implementatie
Risico zonder implementatie
High: Hoog malware risico.
Management Samenvatting
Beveiligde weergave unsafe locations. Implementatie: 30-60 min.
Implementatietijd: 1 uur
FTE required: 0.01 FTE