V-223291
CAT IIOffice applications must be configured to specify encryption type in password-protected Office 97-2003 files.
- Ships Affected
- 1
- Total Findings
- 4
- Open
- 0
- Closed
- 4
Check Text
Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings >> Encryption type for password protected Office 97-2003 files is set to Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256.
Use the Windows Registry Editor to navigate to the following key:
HKCU\software\policies\microsoft\office\16.0\common\security
If the value defaultencryption12 is set to REG_SZ = "Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256", this is not a finding.
Fix Text
Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings >> Encryption type for password protected Office 97-2003 files to Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256.
STIG Reference
- STIG
- Microsoft Office 365 ProPlus Security Technical Implementation Guide
- Version
- 3
- Release
- 5
- Rule ID
- SV-223291r961128_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89134_MSOffice365_V3R4_20251217-201101.ckl | Unassigned | 2026-03-04T15:25:42.171357 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89108_MSOffice365_V3R4_20251217-202911.ckl | Unassigned | 2026-03-04T15:25:16.145630 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_MSOffice365_V3R3_20251023-141031.ckl | Unassigned | 2026-01-14T12:57:28.231385 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_MSOffice365_V3R3_20251023-142330.ckl | Unassigned | 2026-01-14T12:57:25.987513 | View in Context |