Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Default message format must be set to use Plain Text.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-71269 | DTOO314 | SV-85893r1_rule | Medium |
| Description |
|---|
| This policy setting controls the default message format in Outlook. If you do not configure this policy setting, new e-mail messages in Outlook are formatted as HTML. If you enable this policy setting, you can set the default e-mail format in Outlook to HTML, Rich Text, or plain text. Users can choose a format other than the default when composing messages. If you disable this policy setting, Outlook uses HTML as the default e-mail format and users will not be able to change it. If you do not configure this policy setting, Outlook uses HTML as the default e-mail format, but users can choose a format other than the default when composing messages. |
| STIG | Date |
|---|---|
| Microsoft Outlook 2016 Security Technical Implementation Guide | 2016-11-02 |
Details
| Check Text ( C-71657r6_chk ) |
|---|
| Verify the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2016 -> Outlook Options -> Mail Format -> Internet Formatting -> Message Format "Set message format" is set to "Enabled: Plain Text". Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\16.0\outlook\options\mail Criteria: If the value EditorPreference is REG_DWORD = 10000 (hex) or 65536 (decimal), this is not a finding. |
| Fix Text (F-77575r1_fix) |
|---|
| Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2016 -> Outlook Options -> Mail Format -> Internet Formatting -> Message Format "Set message format" to "Enabled: Plain Text". |