CUI

USNS MONTFORD POINT - Findings

Back to Ship Export CSV Download POA&M

Showing 4 of 4 findings (filtered) View Documentation Status (90 tracked)

Vuln ID	Severity	Asset	STIG	Title	Status	Doc Status	Assigned To	Actions
V-223288	CAT II	MONT-WS-92040	Microsoft Office 365 ProPlus Security Te...	ActiveX Controls must be initialized in Safe Mode.		-
Check Text Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings "ActiveX Control Initialization" is set to "Enabled (If SFI, load the control in safe mode and use persisted values (if any). If not SFI, prompt the user and advise them that it is marked unsafe. If the user chooses No at the prompt, do not load the control. Otherwise, load it with persisted values.) Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\Common\Security If the value UFIControls is set to REG_DWORD=6, this is not a finding. Fix Text Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings "ActiveX Control Initialization" to "Enabled + 6". Finding Details Evaluate-STIG 1.2507.5 (Scan-Office365_Checks) found this to be NOT A FINDING on 10/23/2025 Username: MONTFORD-POINT\W.Admin UserSID: S-1-5-21-1360995287-4027491577-3040029667-1106 ResultHash: F514C7A140197E88FA4A733F7619DC87B196355D ~~~~~ 'ActiveX Control Initialization' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKCU:\SOFTWARE\Policies\Microsoft\Office\Common\Security Value Name: UFIControls (Not found) Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_MSOffice365_V3R3_20251023-142330.ckl Scan Date: 2026-01-14T12:57:25.987513 Technology Area: Windows Operating System
V-223288	CAT II	MONT-WS-92010	Microsoft Office 365 ProPlus Security Te...	ActiveX Controls must be initialized in Safe Mode.		-
Check Text Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings "ActiveX Control Initialization" is set to "Enabled (If SFI, load the control in safe mode and use persisted values (if any). If not SFI, prompt the user and advise them that it is marked unsafe. If the user chooses No at the prompt, do not load the control. Otherwise, load it with persisted values.) Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\Common\Security If the value UFIControls is set to REG_DWORD=6, this is not a finding. Fix Text Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings "ActiveX Control Initialization" to "Enabled + 6". Finding Details Evaluate-STIG 1.2507.5 (Scan-Office365_Checks) found this to be NOT A FINDING on 10/23/2025 Username: MONTFORD-POINT\D.Admin UserSID: S-1-5-21-1360995287-4027491577-3040029667-1104 ResultHash: F514C7A140197E88FA4A733F7619DC87B196355D ~~~~~ 'ActiveX Control Initialization' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKCU:\SOFTWARE\Policies\Microsoft\Office\Common\Security Value Name: UFIControls (Not found) Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_MSOffice365_V3R3_20251023-141031.ckl Scan Date: 2026-01-14T12:57:28.231385 Technology Area: Windows Operating System
V-223288	CAT II	MONT-SW-89108	Microsoft Office 365 ProPlus Security Te...	ActiveX Controls must be initialized in Safe Mode.		-
Check Text Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings "ActiveX Control Initialization" is set to "Enabled (If SFI, load the control in safe mode and use persisted values (if any). If not SFI, prompt the user and advise them that it is marked unsafe. If the user chooses No at the prompt, do not load the control. Otherwise, load it with persisted values.) Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\Common\Security If the value UFIControls is set to REG_DWORD=6, this is not a finding. Fix Text Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings "ActiveX Control Initialization" to "Enabled + 6". Finding Details Evaluate-STIG 1.2510.0 (Scan-Office365_Checks) found this to be NOT A FINDING on 12/17/2025 Username: MONT-SW-89108\Scan.Admin UserSID: S-1-5-21-4163428051-2768110797-3591193048-1016 ResultHash: F514C7A140197E88FA4A733F7619DC87B196355D ~~~~~ 'ActiveX Control Initialization' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKCU:\SOFTWARE\Policies\Microsoft\Office\Common\Security Value Name: UFIControls (Not found) Source: MONT-SW-89108_MSOffice365_V3R4_20251217-202911.ckl Scan Date: 2026-03-04T15:25:16.145630 Technology Area: Windows Operating System
V-223288	CAT II	MONT-SW-89134	Microsoft Office 365 ProPlus Security Te...	ActiveX Controls must be initialized in Safe Mode.		-
Check Text Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings "ActiveX Control Initialization" is set to "Enabled (If SFI, load the control in safe mode and use persisted values (if any). If not SFI, prompt the user and advise them that it is marked unsafe. If the user chooses No at the prompt, do not load the control. Otherwise, load it with persisted values.) Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\Common\Security If the value UFIControls is set to REG_DWORD=6, this is not a finding. Fix Text Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings "ActiveX Control Initialization" to "Enabled + 6". Finding Details Evaluate-STIG 1.2510.0 (Scan-Office365_Checks) found this to be NOT A FINDING on 12/17/2025 Username: MONT-SW-89134\dod_admin UserSID: S-1-5-21-4004422625-1934610219-1178763574-1001 ResultHash: F514C7A140197E88FA4A733F7619DC87B196355D ~~~~~ 'ActiveX Control Initialization' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKCU:\SOFTWARE\Policies\Microsoft\Office\Common\Security Value Name: UFIControls (Not found) Source: MONT-SW-89134_MSOffice365_V3R4_20251217-201101.ckl Scan Date: 2026-03-04T15:25:42.171357 Technology Area: Windows Operating System

CUI