UCF STIG Viewer Logo

Microsoft Word 2016 STIG


Overview

Date Finding Count (34)
2016-12-21 CAT I (High): 0 CAT II (Med): 34 CAT III (Low): 0
STIG Description
The Microsoft Word 2016 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC II - Mission Support Classified)

Finding ID Severity Title
V-71045 Medium The Internet Explorer Bind to Object functionality must be enabled.
V-71099 Medium Word 95 binary documents and templates must be configured to edit in protected view.
V-71063 Medium Trust Bar Notifications for unsigned application add-ins must be blocked.
V-71095 Medium Word 2000 binary documents and templates must be configured to edit in protected view.
V-71097 Medium Word 6.0 binary documents and templates must be configured for block open/save actions.
V-71091 Medium Online translation dictionaries must not be used.
V-71093 Medium Word 2 and earlier binary documents and templates must be blocked for open/save.
V-71069 Medium Disallowance of trusted locations on the network must be enforced.
V-71077 Medium Protection from zone elevation must be enforced.
V-71053 Medium Navigation to URLs embedded in Office products must be blocked.
V-71073 Medium Force encrypted macros to be scanned in open XML documents must be determined and configured.
V-71071 Medium The Save commands default file format must be configured.
V-71059 Medium Add-ins to Office applications must be signed by a Trusted Publisher.
V-71079 Medium ActiveX Installs must be configured for proper restriction.
V-71051 Medium Files from the Internet zone must be opened in Protected View.
V-71089 Medium Warning Bar settings for VBA macros must be configured.
V-71083 Medium Document behavior if file validation fails must be set.
V-71081 Medium Files in unsafe locations must be opened in Protected View.
V-71087 Medium The automatically update links feature must be disabled.
V-71085 Medium Attachments opened from Outlook must be in Protected View.
V-71055 Medium Scripted Window Security must be enforced.
V-71075 Medium Trust access for VBA must be disallowed.
V-71065 Medium File Downloads must be configured for proper restrictions.
V-71067 Medium All automatic loading from trusted locations must be disabled.
V-71061 Medium Links that invoke instances of Internet Explorer from within an Office product must be blocked.
V-71049 Medium Configuration for file validation must be enforced.
V-71103 Medium Word XP binary documents and templates must be configured to edit in protected view.
V-71047 Medium The Saved from URL mark must be selected to enforce Internet zone processing.
V-71101 Medium Word 97 binary documents and templates must be configured to edit in protected view.
V-71643 Medium Files on local Intranet UNC must be opened in Protected View.
V-71107 Medium Macros must be blocked from running in Office files from the Internet.
V-71043 Medium Blocking as default file block opening behavior must be enforced.
V-71041 Medium Disabling of user name and password syntax from being used in URLs must be enforced.
V-71057 Medium Add-on Management functionality must be allowed.