Yea - its a bit funky
I have tried to find documentation for the Bigfix Office client settings and also did a little review of the relevance to run a policy to force set systems to not be relevant…
Would be nice if HCL provided a simple task to TAG the Office installs, to USE Network share, or USE Local, and also clearly identify systems which will Host the Office Network share - vs assuming all can host with EVERY patch update.
aka release the setup for the next update of Office to only be relevant to the hosts explicitly already taged to support hosting the share, or remove the CVE references from the SETUP tasks