V-223368
CAT IIWhen an untrusted program attempts to use the Save As command to programmatically save an item, Outlook must automatically deny it.
- Ships Affected
- 1
- Total Findings
- 4
- Open
- 0
- Closed
- 4
Check Text
Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Outlook 2016 >> Security >> Security Form Settings >> Programmatic Security >> Configure Outlook object model prompt when executing Save As is set to "Enabled (Automatically Deny)".
Use the Windows Registry to navigate to the following key:
HKCU\software\policies\microsoft\office\16.0\outlook\security
If the value for promptoomsaveas is set to REG_DWORD = 0, this is not a finding.
Fix Text
Set the policy value for User Configuration >> Administrative Templates >> Microsoft Outlook 2016 >> Security >> Security Form Settings >> Programmatic Security >> Configure Outlook object model prompt when executing Save As to "Enabled (Automatically Deny)".
STIG Reference
- STIG
- Microsoft Office 365 ProPlus Security Technical Implementation Guide
- Version
- 3
- Release
- 5
- Rule ID
- SV-223368r961779_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89134_MSOffice365_V3R4_20251217-201101.ckl | Unassigned | 2026-03-04T15:25:42.171357 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89108_MSOffice365_V3R4_20251217-202911.ckl | Unassigned | 2026-03-04T15:25:16.145630 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_MSOffice365_V3R3_20251023-141031.ckl | Unassigned | 2026-01-14T12:57:28.231385 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_MSOffice365_V3R3_20251023-142330.ckl | Unassigned | 2026-01-14T12:57:25.987513 | View in Context |