UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Microsoft Word 2016 Security Technical Implementation Guide


Overview

Date Finding Count (34)
2016-11-02 CAT I (High): 0 CAT II (Med): 34 CAT III (Low): 0
STIG Description
The Microsoft Word 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC I - Mission Critical Sensitive)

Finding ID Severity Title
V-71045 Medium The Internet Explorer Bind to Object functionality must be enabled.
V-71099 Medium Word 95 binary documents and templates must be configured to edit in protected view.
V-71095 Medium Word 2000 binary documents and templates must be configured to edit in protected view.
V-71097 Medium Word 6.0 binary documents and templates must be configured for block open/save actions.
V-71091 Medium Online translation dictionaries must not be used.
V-71093 Medium Word 2 and earlier binary documents and templates must be blocked for open/save.
V-71043 Medium Blocking as default file block opening behavior must be enforced.
V-71051 Medium Files from the Internet zone must be opened in Protected View.
V-71053 Medium Navigation to URLs embedded in Office products must be blocked.
V-71055 Medium Scripted Window Security must be enforced.
V-71071 Medium The Save commands default file format must be configured.
V-71059 Medium Add-ins to Office applications must be signed by a Trusted Publisher.
V-71049 Medium Configuration for file validation must be enforced.
V-71079 Medium ActiveX Installs must be configured for proper restriction.
V-71077 Medium Protection from zone elevation must be enforced.
V-71089 Medium Warning Bar settings for VBA macros must be configured.
V-71083 Medium Document behavior if file validation fails must be set.
V-71081 Medium Files in unsafe locations must be opened in Protected View.
V-71075 Medium Trust access for VBA must be disallowed.
V-71085 Medium Attachments opened from Outlook must be in Protected View.
V-71073 Medium Force encrypted macros to be scanned in open XML documents must be determined and configured.
V-71061 Medium Links that invoke instances of Internet Explorer from within an Office product must be blocked.
V-71065 Medium File Downloads must be configured for proper restrictions.
V-71067 Medium All automatic loading from trusted locations must be disabled.
V-71057 Medium Add-on Management functionality must be allowed.
V-71063 Medium Trust Bar Notifications for unsigned application add-ins must be blocked.
V-71103 Medium Word XP binary documents and templates must be configured to edit in protected view.
V-71047 Medium Saved from URL mark to assure Internet zone processing must be enforced.
V-71101 Medium Word 97 binary documents and templates must be configured to edit in protected view.
V-71643 Medium Files on local Intranet UNC must be opened in Protected View.
V-71107 Medium Macros must be blocked from running in Office files from the Internet.
V-71069 Medium Disallowance of trusted locations on the network must be enforced.
V-71041 Medium Disabling of user name and password syntax from being used in URLs must be enforced.
V-71087 Medium The automatically update links feature must be disabled.