Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Outlook is not configured to use the Restricted Sites Security Zone.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-6321 | DTMO001 | SV-6391r1_rule | DCMC-1 | Medium |
| Description |
|---|
| Outlook needs to run in the context of the restricted sites zone so when it processes messages in an HTML format the content of the message is controlled and the machine is protected from automatically executing mobile code. |
| STIG | Date |
|---|---|
| Microsoft Outlook 2003 | 2014-10-03 |
Details
| Check Text ( C-599r1_chk ) |
|---|
| Procedure: Start the Outlook application. On the Tools menu, select the Options… item. On the Options window, select the Security tab. Determine the value of the Zone option. Criteria: If the Zone option specifies a value other than Restricted sites, then this is a Finding. |
| Fix Text (F-5844r1_fix) |
|---|
| In Outlook go to the Tools menu and select the Options... item. In the Options window, select the Security tab. Change the value of the Zone option to Restricted sites only. |