UCF STIG Viewer Logo

Microsoft PowerPoint 2016 STIG


Overview

Date Finding Count (37)
2016-12-08 CAT I (High): 0 CAT II (Med): 37 CAT III (Low): 0
STIG Description
The Microsoft PowerPoint 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC III - Administrative Public)

Finding ID Severity Title
V-70683 Medium Disabling of user name and password syntax from being used in URLs must be enforced in PowerPoint Viewer.
V-70681 Medium Warning Bar settings for VBA macros must be configured.
V-70675 Medium ActiveX Installs must be configured for proper restriction in PowerPoint.
V-70687 Medium The Saved from URL mark must be selected to enforce Internet zone processing in PowerPoint Viewer.
V-70685 Medium The Internet Explorer Bind to Object functionality must be enabled in PowerPoint Viewer.
V-70689 Medium Navigation to URLs embedded in Office products must be blocked in PowerPoint Viewer.
V-70659 Medium Trust Bar Notifications for unsigned application add-ins must be blocked.
V-71407 Medium Document behavior if file validation fails must be set.
V-71405 Medium Files in unsafe locations must be opened in Protected View.
V-71403 Medium Scripted Window Security must be enforced in PowerPoint.
V-71401 Medium Navigation to URLs embedded in Office products must be blocked in PowerPoint.
V-70671 Medium Trust access for VBA must be disallowed.
V-70647 Medium The Saved from URL mark must be selected to enforce Internet zone processing in PowerPoint.
V-70645 Medium The Internet Explorer Bind to Object functionality must be enabled in PowerPoint.
V-70665 Medium Disallowance of Trusted Locations on the network must be enforced.
V-70667 Medium The Save commands default file format must be configured.
V-70669 Medium Enforce encrypted macros to be scanned in open XML documents must be determined and configured.
V-70661 Medium File Downloads must be configured for proper restrictions in PowerPoint.
V-70649 Medium Configuration for file validation must be enforced.
V-70691 Medium Scripted Window Security must be enforced in PowerPoint Viewer.
V-70693 Medium Add-on Management functionality must be allowed in PowerPoint Viewer.
V-70695 Medium File Links that invoke instances of Internet Explorer from within an Office product must be blocked in PowerPoint Viewer.
V-70697 Medium Protection from zone elevation must be enforced in PowerPoint Viewer.
V-70699 Medium ActiveX Installs must be configured for proper restriction in PowerPoint Viewer.
V-70663 Medium All automatic loading from Trusted Locations must be disabled.
V-70643 Medium Blocking as default file block opening behavior must be enforced.
V-70655 Medium Add-ins to Office applications must be signed by a Trusted Publisher.
V-70657 Medium Links that invoke instances of Internet Explorer from within an Office product must be blocked in PowerPoint.
V-70651 Medium Files from the Internet zone must be opened in Protected View.
V-70679 Medium Attachments opened from Outlook must be in Protected View.
V-70677 Medium The ability to run programs from a PowerPoint presentation must be disallowed.
V-70653 Medium Add-on Management functionality must be allowed in PowerPoint.
V-70673 Medium Protection from zone elevation must be enforced in PowerPoint.
V-71647 Medium File Downloads must be configured for proper restrictions in PowerPoint Viewer.
V-70701 Medium Macros must be blocked from running in Office files from the Internet.
V-71641 Medium Files on local Intranet UNC must be opened in Protected View.
V-70641 Medium Disabling of user name and password syntax from being used in URLs must be enforced in PowerPoint.