UCF STIG Viewer Logo

Microsoft Office System 2010


Overview

Date Finding Count (38)
2015-06-23 CAT I (High): 0 CAT II (Med): 37 CAT III (Low): 1
STIG Description
Settings in this guidance assume a complete installation of Microsoft Office 2010 on the Windows 7 Platform. Registry paths and values identified in each control assume the use of Group Policy Administrative Templates. Installations not using Group Policies to administer Microsoft Office products may observe alternate registry paths for stored configuration values. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-17765 Medium Changing permissions on rights managed content for users must be enforced.
V-17731 Medium Connection verification of permissions must be enforced.
V-17583 Medium Office must be configured to not allow read with browsers.
V-17581 Medium Blogging entries created from inside Office products must be configured for Sharepoint only.
V-17665 Medium Passwords for secured documents must be enforced.
V-17662 Medium Microsoft passport Service for content must be disallowed.
V-17605 Medium Document Information panel Beaconing must show UI.
V-17660 Medium Inclusion of document properties for PDF and XPS output must be disallowed.
V-17661 Medium The Internet Fax Feature must be disabled.
V-17769 Medium Rights managed Office Open XML files must be protected.
V-17768 Medium Document metadata for password protected files must be protected.
V-17741 Medium Automation Security to enforce macro level security in Office documents must be configured.
V-17627 Medium The Help Improve Proofing Tools feature for Office must be configured.
V-17669 Medium Smart Documents use of Manifests in Office must be disallowed.
V-26629 Medium Key Usage Filtering must be allowed.
V-26704 Medium Encrypt document properties must be configured for OLE documents.
V-17588 Medium Access to updates, add-ins, and patches on Office.com must be disabled.
V-17740 Medium Automatic receiving of small updates to improve reliability must be disallowed.
V-17547 Medium ActiveX control initialization must be disabled.
V-17560 Medium A mix of policy and user locations for Office Products must be disallowed.
V-17590 Medium Trust Bar notifications for Security messages must be enforced.
V-17612 Medium The Customer Experience Improvement Program for Office must be disabled.
V-26626 Medium Hyperlinks to web templates in File | New and task panes must be disabled.
V-17759 Medium Documents must be configured to not open as Read Write when browsing.
V-26631 Medium Customer-submitted templates downloads from Office.com must be disallowed.
V-26630 Medium Online content options must be configured for offline content availability.
V-17750 Medium Load controls in forms3 must be disabled from loading.
V-17805 Medium External Signature Services Menu for Office must be suppressed.
V-17659 Medium Hyperlink warnings for Office must be configured for use.
V-17670 Medium Office client polling of Sharepoint servers published links must be disabled.
V-17749 Medium Legacy format signatures must be enabled.
V-17664 Medium The Opt-In Wizard must be disabled.
V-17773 Medium Vector markup Language (VML) for displaying graphics in browsers must be disallowed.
V-17619 Medium The encryption type for password protected Open XML files must be set.
V-17767 Medium Upload of document templates to Office Online must be prevented.
V-17617 Medium The encryption type for password protected Office 97 thru Office 2003 must be set.
V-26627 Medium Office Live Workspace Integration must be off.
V-17561 Low Choice of output to include PNG (Portable Network Graphics) must be disallowed.