UCF STIG Viewer Logo

Microsoft Outlook 2007

Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-17184 Medium Block pop-ups for links that invoke instances of IE from within Outlook.
V-17183 Medium Block navigation to URL embedded in Office products to protect against attack by malformed URL.
V-17808 Medium Enable the "turn off RSS Feeds" feature in Outlook.
V-17575 Medium Configure trusted add-ins behavior for eMail.
V-17573 Medium Configure Object Model Prompt behavior for Meeting and Task Responses.
V-17675 Medium Do not allow Outlook Object Model scripts to run for public folders - Outlook.
V-17674 Medium Do not allow folders in non-default stores to be set as folder home pages - Outlook.
V-17763 Medium Prevent publishing calendars to Office Online. - Outlook
V-17601 Medium Prompting behavior when closing a Level 1 attachment in Outlook.
V-17602 Medium Promping behavior for Level 1 attachments on Sending - Outlook.
V-17760 Medium Configure Outlook Security Mode to use Policy settings. - Outlook.
V-17587 Medium Disable the "remember password" for internet e-mail accounts - Outlook.
V-17748 Medium Junk email protection level for outlook
V-17585 Medium Configure Dial-up and Hang up Options for Outlook.
V-17807 Medium Trust EMail from senders in receiver's contact list - Outlook.
V-17803 Medium Set security feature to always warn about invalid signature - Outlook.
V-17734 Medium Require user Authentication with Exchange Server - Outlook
V-17733 Medium Attachments using generated name for secure temporary folders - Outlook.
V-17572 Medium Configure Object Model Prompt behavior for programmatic access of user address data.
V-17615 Medium Enable RPC encryption between Outook and Exchange server.
V-17624 Medium Hide Junk Mail UI configuration for Outlook.
V-17173 Medium Disable user name and password syntax from being used in URLs
V-17174 Medium Enable IE Bind to Object functionality for instances of IE launched from Outlook
V-17175 Medium Evaluate Saved from URL mark when launched from OutLook
V-17778 Medium Configure "retrieving Certificate Revokation List" (CRL) data - Outlook
V-17546 Medium Access restriction settings for published calendars in Outlook.
V-17562 Medium Do not allow Scripts in One-Off Outlook forms.
V-17564 Medium Block IE Trusted Zones from being assumed 'trusted' for EMail Download purposes.
V-17567 Medium Set the Object Model Prompt behavior for programmatic access of the UserProperties.Find Method
V-17566 Medium All installed trusted COM addins can be trusted.
V-17569 Medium Allow Users to demote an EMail Level 1 attachment to Level 2.
V-17568 Medium Configure Outlook Object Model Prompt behavior for programmatic address book accesses.
V-17755 Medium Enable messages formats are set to use SMime - Outlook.
V-17571 Medium Configure Object Model Prompt behavior for the SaveAs method.
V-17787 Medium Run in FIPS compliant mode - Outlook.
V-17678 Medium Do not include Internet Calendar Integration in Outlook.
V-17634 Medium Configure the "include Intranet" with Safe Zones for automatic picture downloads.
V-17613 Medium Enable links in Email Messages - Outlook.
V-17771 Medium Read signed email as plain text.
V-17610 Medium Disable download full text of articles as HTML attachments in Outlook.
V-17774 Medium Do not Remove file extensions blocked as level 1.
V-17775 Medium Do not remove file extensions blocked as level 2 - Outlook.
V-17776 Medium Restrict level of calendar details that a user can publish - Outlook.
V-17777 Medium Restrict upload method for publishing calendars to Office Online - Outlook.
V-17806 Medium RSS feed synchronization with Common Feed List - Outlook.
V-17753 Medium Make Outlook the default email, calendar, and contacts program.
V-17802 Medium Set custom Outlook Object Model (OOM) action execution prompt - Outlook.
V-17630 Medium Include the Internet with Safe Zones for Picture Download - Outlook
V-17800 Medium Configure to send all signed messages as clear signed messages - Outlook.
V-17944 Medium Disable User Entries to Server List - Outlook
V-17770 Medium Read EMail as plain text - Outlook.
V-17738 Medium Automatically download Internet Calendar appointment attachments.
V-17559 Medium Do not allow Active X One-Off forms to be used in Outlook.
V-17766 Medium Prevent users from customizing attachment security settings - Outlook
V-17739 Medium Disable automatic download content for email from people in Safe Senders and Safe reciipeint lists.
V-17791 Medium Configure S/Mime password setting - default S/Mime password time
V-17762 Medium Prevent publishing to a Web Distributed and Authoring (DAV) server - Outlook.
V-17671 Medium Disable the ability to displaly level 1 attachments in Outlook.
V-17558 Medium Disable the feature of adding recipients of sent eMail to the 'save sender's list.
V-17736 Medium Automatically configure user profile based on Active Directory primary SMTP address - Outlook
V-17672 Medium Display external content and pictures in HTML eMail - Outlook.
V-17756 Medium Enable the Missing Root Certificates warning - Outlook.
V-17761 Medium Disable Plain Text Options for outbound email - Outlook
V-17677 Medium Do not check eMail address against address of certificates being used - Outlook
V-17676 Medium Do not allow Outlook Object Model scripts to run for shared folders - Outlook.
V-41493 Medium Text in Outlook that represents Internet and network paths must not be automatically turned into hyperlinks.
V-17801 Medium Set Control Item property prompt for data, to automatically deny.
V-17812 Medium Disable the feature that uses Unicode when dragging eMail message to file system - Outlook.
V-17570 Medium Configure Object Model Prompt behavior for accessing User Property Formula.
V-17798 Medium Create settings to Always warn on untrusted macros - Outlook.
V-17470 Medium Do not permit download of content from safe zones - Outlook
V-17604 Medium Do not provide Continue Option on Encryption Warning dialog box - Outlook.
V-17574 Medium Configure Object Model Prompt for programmatic email send behavior.
V-17795 Medium Enable security feature to never automatically send s/Mime receipt requests.
V-17792 Medium Enable the feature and configure the maximum S/Mime password time setting.
V-17673 Medium Disable the "do not allow creating, replying or forwarding of signatures' feature - Outlook
V-17790 Medium No S/Mime interoperability with external clients for message handling.
V-17586 Medium Configure Outlook Dial-up options to Warn user before allowing switch in dial-up access.