-
Notifications
You must be signed in to change notification settings - Fork 230
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Impact Analysis - Follow-up investigation of Microsoft change to Sharepoint custom scripting #1216
Comments
17 Jul 2024 - This change hasn't yet appeared to have gone into effect. Check back again in two months. |
Via hands-on testing, I verified that the MS.SHAREPOINT.4.1v1 (custom scripts for personal OneDrive sites) has been removed from the MS Sharepoint admin portal so @ahuynhMITRE we should remove it from the baseline. Create a new issue for that. |
Via hands-on testing, I verified that Microsoft changed the way that MS.SHAREPOINT.4.2v1 (custom scripts for self-service (aka Sharepoint sites) is implemented in the admin portal. This impacts our baseline and I am currently still testing this for the next few days. My interim notes are saved below.
To set it to a non-compliant value use $false. For compliant use $true
|
I set the Custom Scripts setting to Allowed at the site level for the following three sites on 7/17. According to Microsoft they were supposed be automatically reverted back to Blocked within 24 hours. As of today 7/19 only one of the sites was automatically reverted back to Blocked. I checked back again on Monday 7/22 and the the two sites listed below are still allowed (they were not reverted).
|
Update the status of #622 once we determine if we are keeping or removing Sharepoint policy 4.2. We are currently in back and forth discussions and hands-on testing with Microsoft. |
After speaking with Ted to get updated on the status of this investigation following meeting with Microsoft, current suggestion by me is the following with Jellyfish not expecting to have any SCB changes due to the BOD:
Tagging in @mitchelbaker-cisa and @tkol2022 on review on the recommend next steps prior to creating a new issues. |
Thank you!
|
@tkol2022 Is this analysis complete? There are 2 checkboxes in the implementation notes... if those are complete can this issue be closed out? |
🐛 Summary
Microsoft is making updates to the custom scripting configuration options for Sharepoint and OneDrive. The purpose of this issue is to determine if we need to remove or revise policies MS.SHAREPOINT.4.1v1 and 4.2 based on the changes.
https://techcommunity.microsoft.com/t5/sharepoint/removing-custom-scripting-on-sharepoint-sites/m-p/4055563
Original issue #977 was closed and this issue is opened to further investigate once the change is made.
Microsoft's suggestion is to remove the policies once change has been made but will further investigate once update is available in the test tenants.
Implementation notes
The text was updated successfully, but these errors were encountered: