UCF STIG Viewer Logo

Microsoft PowerPoint 2013 STIG


Overview

Date Finding Count (40)
2018-04-04 CAT I (High): 0 CAT II (Med): 40 CAT III (Low): 0
STIG Description
The Microsoft PowerPoint 2013 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC I - Mission Critical Classified)

Finding ID Severity Title
V-17187 Medium Trust Bar Notifications for unsigned application add-ins must be blocked.
V-17184 Medium Links that invoke instances of Internet Explorer from within an Office product must be blocked in PowerPoint.
V-17183 Medium Navigation to URLs embedded in Office products must be blocked in PowerPoint.
V-42336 Medium Add-on Management functionality must be allowed in PowerPoint Viewer.
V-42334 Medium Navigation to URLs embedded in Office products must be blocked in PowerPoint Viewer.
V-42335 Medium Scripted Window Security must be enforced in PowerPoint Viewer.
V-17521 Medium The Save commands default file format must be configured.
V-17520 Medium Disallowance of Trusted Locations on the network must be enforced.
V-42330 Medium File Links that invoke instances of Internet Explorer from within an Office product must be blocked in PowerPoint Viewer.
V-17522 Medium Trust access for VBA must be disallowed.
V-17173 Medium Disabling of user name and password syntax from being used in URLs must be enforced in PowerPoint.
V-17174 Medium The Internet Explorer Bind to Object functionality must be enabled in PowerPoint.
V-17175 Medium The Saved from URL mark must be selected to enforce Internet zone processing in PowerPoint.
V-17545 Medium Warning Bar settings for VBA macros must be configured.
V-17788 Medium The ability to run programs from a PowerPoint presentation must be disallowed.
V-26592 Medium Configuration for file validation must be enforced.
V-17809 Medium Automatic download of linked images must be disallowed.
V-17752 Medium Hidden markup options must be visible.
V-42332 Medium The Internet Explorer Bind to Object functionality must be enabled in PowerPoint Viewer.
V-72839 Medium Macros must be blocked from running in Office 2013 files from the Internet.
V-26639 Medium The configuration for Slide Update with counterparts must be disallowed.
V-42333 Medium The Saved from URL mark must be selected to enforce Internet zone processing in PowerPoint Viewer.
V-17322 Medium The opening of pre-release versions of file formats new to PowerPoint 2013 through the Compatibility Pack for Office 2013 and PowerPoint 2013 Converter must be blocked.
V-26612 Medium Blocking as default file block opening behavior must be enforced.
V-42331 Medium File Downloads must be configured for proper restrictions in PowerPoint Viewer.
V-26617 Medium Attachments opened from Outlook must be in Protected View.
V-26616 Medium Document behavior if file validation fails must be set.
V-26615 Medium Files in unsafe locations must be opened in Protected View.
V-26614 Medium Files from the Internet zone must be opened in Protected View.
V-42329 Medium Protection from zone elevation must be enforced in PowerPoint Viewer.
V-42328 Medium ActiveX Installs must be configured for proper restriction in PowerPoint Viewer.
V-26589 Medium Add-ins to Office applications must be signed by a Trusted Publisher.
V-26588 Medium Scripted Window Security must be enforced in PowerPoint.
V-17473 Medium Enforce encrypted macros to be scanned in open XML documents must be determined and configured.
V-26585 Medium Protection from zone elevation must be enforced in PowerPoint.
V-17471 Medium All automatic loading from Trusted Locations must be disabled.
V-26587 Medium File Downloads must be configured for proper restrictions in PowerPoint.
V-26586 Medium ActiveX Installs must be configured for proper restriction in PowerPoint.
V-42327 Medium Disabling of user name and password syntax from being used in URLs must be enforced in PowerPoint Viewer.
V-26584 Medium Add-on Management functionality must be allowed in PowerPoint.