Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-17673 | DTOO227 | SV-53886r1_rule | Medium |
Description |
---|
Outlook users can create and use signatures in email messages. Users can add signatures to messages manually, and can also configure Outlook to automatically append signatures to new messages, to replies and forwards, or to all three. Signatures typically include details such as the user's name, title, phone numbers, and office location. When an organization has policies that govern the distribution of this kind of information, using signatures might cause some users to inadvertently violate these policies. |
STIG | Date |
---|---|
Microsoft Outlook 2013 STIG | 2017-03-17 |
Check Text ( C-47918r1_chk ) |
---|
Verify the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2013-> Outlook Options -> Mail format "Do not allow signatures for e-mail messages" is set to "Disabled". Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\15.0\common\mailsettings Criteria: If the value DisableSignatures is REG_DWORD = 0, this is not a finding. |
Fix Text (F-46791r1_fix) |
---|
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2013 -> Outlook Options -> Mail format "Do not allow signatures for e-mail messages" to "Disabled". |