V-223292
CAT IIOffice applications must be configured to specify encryption type in password-protected Office Open XML files.
- Ships Affected
- 1
- Total Findings
- 4
- Open
- 0
- Closed
- 4
Check Text
Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings >> Encryption type for password protected Office Open XML files is set to Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256.
Use the Windows Registry Editor to navigate to the following key:
HKCU\software\policies\microsoft\office\16.0\common\security
If the value OpenXMLEncryption is REG_SZ = "Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256", this is not a finding.
Fix Text
Set the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2016 >> Security Settings >> Encryption type for password protected Office Open XML files to Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256.
STIG Reference
- STIG
- Microsoft Office 365 ProPlus Security Technical Implementation Guide
- Version
- 3
- Release
- 5
- Rule ID
- SV-223292r961128_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89134_MSOffice365_V3R4_20251217-201101.ckl | Unassigned | 2026-03-04T15:25:42.171357 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89108_MSOffice365_V3R4_20251217-202911.ckl | Unassigned | 2026-03-04T15:25:16.145630 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_MSOffice365_V3R3_20251023-141031.ckl | Unassigned | 2026-01-14T12:57:28.231385 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_MSOffice365_V3R3_20251023-142330.ckl | Unassigned | 2026-01-14T12:57:25.987513 | View in Context |