Vulnerability V-223404

V-223404

CAT II

If file validation fails, files must be opened in Protected view in Word with ability to edit disabled.

Ships Affected: 1
Total Findings: 4
Open: 0
Closed: 4

Check Text

Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Word 2016 >> Word Options >> Security >> Trust Center >> Protected View >> Set document behavior if file validation fails is set to "Enabled: Open in Protected View". Verify the check box for "Allow edit" is not selected. Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\16.0\Word\security\filevalidation If the value openinprotectedview does not exist, this is not a finding. If both the value for openinprotectedview is REG_DWORD = 1 and the value for DisableEditFromPV is set to REG_DWORD = 1, this is not a finding.

Fix Text

Set the policy value for User Configuration >> Administrative Templates >> Microsoft Word 2016 >> Word Options >> Security >> Trust Center >> Protected View >> Set document behavior if file validation fails to "Enabled: Open in Protected View". Uncheck the "Allow edit" check box.

STIG Reference

STIG: Microsoft Office 365 ProPlus Security Technical Implementation Guide
Version: 3
Release: 5
Rule ID: SV-223404r961086_rule

All Occurrences

This vulnerability appears on 1 ship(s)

Ship	Hull #	Source File	Assigned To	Scan Date	Actions
USNS MONTFORD POINT	T-ESD-1	MONT-SW-89134_MSOffice365_V3R4_20251217-201101.ckl	Unassigned	2026-03-04T15:25:42.171357	View in Context
USNS MONTFORD POINT	T-ESD-1	MONT-SW-89108_MSOffice365_V3R4_20251217-202911.ckl	Unassigned	2026-03-04T15:25:16.145630	View in Context
USNS MONTFORD POINT	T-ESD-1	_Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_MSOffice365_V3R3_20251023-141031.ckl	Unassigned	2026-01-14T12:57:28.231385	View in Context
USNS MONTFORD POINT	T-ESD-1	_Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_MSOffice365_V3R3_20251023-142330.ckl	Unassigned	2026-01-14T12:57:25.987513	View in Context