In an effort to enhance cybersecurity, the Federal Office for Information Security (BSI) has published guidelines for the secure configuration of Microsoft Office 2013, 2016, and 2019. These guidelines are specifically tailored for deployment on the Microsoft Windows operating system.
Office applications, due to their widespread use and attack surface, are frequently exploited as vectors for cyberattacks. For example, malicious actors often use macros in Office documents to disseminate malware and execute it on target systems. By implementing a well-thought-out configuration for these products, the risk of exploiting standard functions or vulnerabilities can be minimized.
The primary focus of this BSI recommendation is on the deployment of Microsoft Office 2013, 2016, and 2019 in medium to large organizations where end systems are managed with group policies in an Active Directory environment.
These guidelines aim to assist organizations in configuring Microsoft Office applications in a manner that enhances security, mitigates risks, and ensures the safe use of these widely-used office productivity tools.
https://www.allianz-fuer-cybersicherheit.de/SharedDocs/Downloads/Webs/ACS/DE/BSI-CS/BSI-CS_135.html