UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Microsoft Publisher 2016 Security Technical Implementation Guide


Overview

Date Finding Count (15)
2017-01-19 CAT I (High): 0 CAT II (Med): 15 CAT III (Low): 0
STIG Description
The Microsoft Publisher 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-70751 Medium Add-ins to Office applications must be signed by a Trusted Publisher.
V-70729 Medium Disabling of user name and password syntax from being used in URLs must be enforced.
V-70753 Medium Links that invoke instances of Internet Explorer from within an Office product must be blocked.
V-70755 Medium Trust Bar Notifications for unsigned application add-ins must be blocked.
V-70761 Medium ActiveX Installs must be configured for proper restriction.
V-70757 Medium File Downloads must be configured for proper restrictions.
V-70749 Medium Add-on Management functionality must be allowed.
V-70733 Medium Saved from URL mark to assure Internet zone processing must be enforced.
V-70747 Medium Scripted Window Security must be enforced.
V-70731 Medium Enabling IE Bind to Object functionality must be present.
V-70763 Medium Warning Bar settings for VBA macros must be configured.
V-70735 Medium Navigation to URLs embedded in Office products must be blocked.
V-71675 Medium The Publisher Automation Security Level must be configured for high security.
V-70759 Medium Protection from zone elevation must be enforced.
V-71673 Medium Fatally corrupt files must be blocked from opening.