UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Data Execution Prevention must be enforced.


Overview

Finding ID Version Rule ID IA Controls Severity
V-26590 DTOO128 - Word SV-33859r1_rule ECSC-1 Medium
Description
Data Execution Prevention (DEP) is a set of hardware and software technologies performing additional checks on memory to help prevent malicious code from running on a system. The primary benefit of DEP is to help prevent code execution from data pages. Enabling this setting, turns off Data Execution Prevention. As a result, malicious code takes advantage of code injection or buffer overflow vulnerabilities possibly exploiting the computer.
STIG Date
Microsoft Word 2010 2011-09-29

Details

Check Text ( C-34251r1_chk )
The policy value for User Configuration -> Administrative Templates -> Microsoft Word 2010 -> Word Options -> Security -> Trust Center “Turn off Data Execution Prevention” must be set to “Disabled”.

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\14.0\word\security

Criteria: If the value EnableDEP is REG_DWORD = 1, this is not a finding.
Fix Text (F-29945r1_fix)
Set the policy value for User Configuration -> Administrative Templates -> Microsoft Word 2010 -> Word Options -> Security -> Trust Center “Turn off Data Execution Prevention” to “Disabled”.