| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-225069 | CAT II | MONT-VSF-004 | Microsoft Windows Server 2016 Security T... | Zone information must be preserved when saving att... | - | |||
Check TextThe default behavior is for Windows to mark file attachments with their zone information. If the registry Value Name below does not exist, this is not a finding. If it exists and is configured with a value of "2", this is not a finding. If it exists and is configured with a value of "1", this is a finding. Registry Hive: HKEY_CURRENT_USER Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments\ Value Name: SaveZoneInformation Value Type: REG_DWORD Value: 0x00000002 (2) (or if the Value Name does not exist) Fix TextThe default behavior is for Windows to mark file attachments with their zone information. If this needs to be corrected, configure the policy value for User Configuration >> Administrative Templates >> Windows Components >> Attachment Manager >> "Do not preserve zone information in file attachments" to "Not Configured" or "Disabled". Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 Username: MONTFORD-POINT\D.Admin UserSID: S-1-5-21-1360995287-4027491577-3040029667-1104 ResultHash: E1E8733E0EB898F9D2EF428AC96620439C92F3E6 ~~~~~ 'Do not preserve zone information in file attachments' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments Value Name: SaveZoneInformation (Not found)
Source: _Reviewed/MONT-VSF-004/Checklist/MONT-VSF-004_WinServer2016_V2R10_20251023-143909.ckl
Scan Date: 2026-01-14T12:57:30.046447
Technology Area: Windows Operating System
|
||||||||
| V-225069 | CAT II | MONT-VSF-003 | Microsoft Windows Server 2016 Security T... | Zone information must be preserved when saving att... | - | |||
Check TextThe default behavior is for Windows to mark file attachments with their zone information. If the registry Value Name below does not exist, this is not a finding. If it exists and is configured with a value of "2", this is not a finding. If it exists and is configured with a value of "1", this is a finding. Registry Hive: HKEY_CURRENT_USER Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments\ Value Name: SaveZoneInformation Value Type: REG_DWORD Value: 0x00000002 (2) (or if the Value Name does not exist) Fix TextThe default behavior is for Windows to mark file attachments with their zone information. If this needs to be corrected, configure the policy value for User Configuration >> Administrative Templates >> Windows Components >> Attachment Manager >> "Do not preserve zone information in file attachments" to "Not Configured" or "Disabled". Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 Username: MONTFORD-POINT\D.Admin UserSID: S-1-5-21-1360995287-4027491577-3040029667-1104 ResultHash: E1E8733E0EB898F9D2EF428AC96620439C92F3E6 ~~~~~ 'Do not preserve zone information in file attachments' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments Value Name: SaveZoneInformation (Not found)
Source: _Reviewed/MONT-VSF-003/Checklist/MONT-VSF-003_WinServer2016_V2R10_20251023-143935.ckl
Scan Date: 2026-01-14T12:57:31.534241
Technology Area: Windows Operating System
|
||||||||
| V-225069 | CAT II | MONT-MB-002 | Microsoft Windows Server 2016 Security T... | Zone information must be preserved when saving att... | - | |||
Check TextThe default behavior is for Windows to mark file attachments with their zone information. If the registry Value Name below does not exist, this is not a finding. If it exists and is configured with a value of "2", this is not a finding. If it exists and is configured with a value of "1", this is a finding. Registry Hive: HKEY_CURRENT_USER Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments\ Value Name: SaveZoneInformation Value Type: REG_DWORD Value: 0x00000002 (2) (or if the Value Name does not exist) Fix TextThe default behavior is for Windows to mark file attachments with their zone information. If this needs to be corrected, configure the policy value for User Configuration >> Administrative Templates >> Windows Components >> Attachment Manager >> "Do not preserve zone information in file attachments" to "Not Configured" or "Disabled". Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 Username: MONTFORD-POINT\montford.exchange UserSID: S-1-5-21-1360995287-4027491577-3040029667-1118 ResultHash: E1E8733E0EB898F9D2EF428AC96620439C92F3E6 ~~~~~ 'Do not preserve zone information in file attachments' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments Value Name: SaveZoneInformation (Not found)
Source: _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_WinServer2016_V2R10_20251023-152736.ckl
Scan Date: 2026-01-14T12:57:33.842838
Technology Area: Windows Operating System
|
||||||||
| V-225069 | CAT II | MONT-DP-001 | Microsoft Windows Server 2016 Security T... | Zone information must be preserved when saving att... | - | |||
Check TextThe default behavior is for Windows to mark file attachments with their zone information. If the registry Value Name below does not exist, this is not a finding. If it exists and is configured with a value of "2", this is not a finding. If it exists and is configured with a value of "1", this is a finding. Registry Hive: HKEY_CURRENT_USER Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments\ Value Name: SaveZoneInformation Value Type: REG_DWORD Value: 0x00000002 (2) (or if the Value Name does not exist) Fix TextThe default behavior is for Windows to mark file attachments with their zone information. If this needs to be corrected, configure the policy value for User Configuration >> Administrative Templates >> Windows Components >> Attachment Manager >> "Do not preserve zone information in file attachments" to "Not Configured" or "Disabled". Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 Username: MONTFORD-POINT\D.Admin UserSID: S-1-5-21-1360995287-4027491577-3040029667-1104 ResultHash: E1E8733E0EB898F9D2EF428AC96620439C92F3E6 ~~~~~ 'Do not preserve zone information in file attachments' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments Value Name: SaveZoneInformation (Not found)
Source: _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_WinServer2016_V2R10_20251023-144106.ckl
Scan Date: 2026-01-14T12:57:35.637816
Technology Area: Windows Operating System
|
||||||||
| V-225069 | CAT II | MONT-DC-003 | Microsoft Windows Server 2016 Security T... | Zone information must be preserved when saving att... | - | |||
Check TextThe default behavior is for Windows to mark file attachments with their zone information. If the registry Value Name below does not exist, this is not a finding. If it exists and is configured with a value of "2", this is not a finding. If it exists and is configured with a value of "1", this is a finding. Registry Hive: HKEY_CURRENT_USER Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments\ Value Name: SaveZoneInformation Value Type: REG_DWORD Value: 0x00000002 (2) (or if the Value Name does not exist) Fix TextThe default behavior is for Windows to mark file attachments with their zone information. If this needs to be corrected, configure the policy value for User Configuration >> Administrative Templates >> Windows Components >> Attachment Manager >> "Do not preserve zone information in file attachments" to "Not Configured" or "Disabled". Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 Username: MONTFORD-POINT\d.admin UserSID: S-1-5-21-1360995287-4027491577-3040029667-1104 ResultHash: E1E8733E0EB898F9D2EF428AC96620439C92F3E6 ~~~~~ 'Do not preserve zone information in file attachments' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments Value Name: SaveZoneInformation (Not found)
Source: _Reviewed/MONT-DC-003/Checklist/MONT-DC-003_WinServer2016_V2R10_20251023-172220.ckl
Scan Date: 2026-01-14T12:57:37.248886
Technology Area: Windows Operating System
|
||||||||
| V-225069 | CAT II | MONT-DB-002 | Microsoft Windows Server 2016 Security T... | Zone information must be preserved when saving att... | - | |||
Check TextThe default behavior is for Windows to mark file attachments with their zone information. If the registry Value Name below does not exist, this is not a finding. If it exists and is configured with a value of "2", this is not a finding. If it exists and is configured with a value of "1", this is a finding. Registry Hive: HKEY_CURRENT_USER Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments\ Value Name: SaveZoneInformation Value Type: REG_DWORD Value: 0x00000002 (2) (or if the Value Name does not exist) Fix TextThe default behavior is for Windows to mark file attachments with their zone information. If this needs to be corrected, configure the policy value for User Configuration >> Administrative Templates >> Windows Components >> Attachment Manager >> "Do not preserve zone information in file attachments" to "Not Configured" or "Disabled". Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 Username: MONTFORD-POINT\S.Admin UserSID: S-1-5-21-1360995287-4027491577-3040029667-1105 ResultHash: E1E8733E0EB898F9D2EF428AC96620439C92F3E6 ~~~~~ 'Do not preserve zone information in file attachments' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments Value Name: SaveZoneInformation (Not found)
Source: _Reviewed/MONT-DB-002/Checklist/MONT-DB-002_WinServer2016_V2R10_20251023-144132.ckl
Scan Date: 2026-01-14T12:57:39.082634
Technology Area: Windows Operating System
|
||||||||
| V-225069 | CAT II | MONT-BE-002 | Microsoft Windows Server 2016 Security T... | Zone information must be preserved when saving att... | - | |||
Check TextThe default behavior is for Windows to mark file attachments with their zone information. If the registry Value Name below does not exist, this is not a finding. If it exists and is configured with a value of "2", this is not a finding. If it exists and is configured with a value of "1", this is a finding. Registry Hive: HKEY_CURRENT_USER Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments\ Value Name: SaveZoneInformation Value Type: REG_DWORD Value: 0x00000002 (2) (or if the Value Name does not exist) Fix TextThe default behavior is for Windows to mark file attachments with their zone information. If this needs to be corrected, configure the policy value for User Configuration >> Administrative Templates >> Windows Components >> Attachment Manager >> "Do not preserve zone information in file attachments" to "Not Configured" or "Disabled". Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 Username: MONTFORD-POINT\S.Admin UserSID: S-1-5-21-1360995287-4027491577-3040029667-1105 ResultHash: E1E8733E0EB898F9D2EF428AC96620439C92F3E6 ~~~~~ 'Do not preserve zone information in file attachments' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments Value Name: SaveZoneInformation (Not found)
Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_WinServer2016_V2R10_20251023-143943.ckl
Scan Date: 2026-01-14T12:57:41.363810
Technology Area: Windows Operating System
|
||||||||
| V-225069 | CAT II | MONT-AP-002 | Microsoft Windows Server 2016 Security T... | Zone information must be preserved when saving att... | - | |||
Check TextThe default behavior is for Windows to mark file attachments with their zone information. If the registry Value Name below does not exist, this is not a finding. If it exists and is configured with a value of "2", this is not a finding. If it exists and is configured with a value of "1", this is a finding. Registry Hive: HKEY_CURRENT_USER Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments\ Value Name: SaveZoneInformation Value Type: REG_DWORD Value: 0x00000002 (2) (or if the Value Name does not exist) Fix TextThe default behavior is for Windows to mark file attachments with their zone information. If this needs to be corrected, configure the policy value for User Configuration >> Administrative Templates >> Windows Components >> Attachment Manager >> "Do not preserve zone information in file attachments" to "Not Configured" or "Disabled". Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 Username: MONTFORD-POINT\D.Admin UserSID: S-1-5-21-1360995287-4027491577-3040029667-1104 ResultHash: E1E8733E0EB898F9D2EF428AC96620439C92F3E6 ~~~~~ 'Do not preserve zone information in file attachments' is Not Configured in group policy which is acceptable per the STIG. Registry Path: HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments Value Name: SaveZoneInformation (Not found)
Source: _Reviewed/MONT-AP-002/Checklist/MONT-AP-002_WinServer2016_V2R10_20251023-144214.ckl
Scan Date: 2026-01-14T12:57:42.721079
Technology Area: Windows Operating System
|
||||||||