Microsoft Outlook 2003

  • Version/Release: V4R4
  • Published: 2014-10-03

An unsupported version of Outlook is installed.
High - V-6320 - SV-6390r1_rule

  • Severity: High
  • Version: DTMG001
  • Vuln IDs: V-6320
  • Rule IDs: SV-6390r1_rule
  • Responsibility: System Administrator
  • IA Controls: ECSC-1

Without product support, vulnerabilities are not being tracked or fixed by the vendor.
Checks: C-598r1_chk

Procedure: Search for the outllib.dll file using the Start menu “Search | For Files or Folders…” facility. Determine the version of the outllib.dll file. Retain this information for upcoming checks.

Criteria: If the outllib.dll file is found and the version number of the file is not 9.y[.y].x, 10.y.x[.y], or 11.y.x[.y], then this is a Finding.

Fix: F-5843r1_fix

Using the Start menu "Search | For Files or Folders", search for the file outllib.dll. If found, and the version number is not 9.y[.y].x, 10.y.x[.y], or 11.y.x[.y], install a supported version of Outlook.

Outlook is not configured to use the Restricted Sites Security Zone.
Medium - V-6321 - SV-6391r1_rule

  • Severity: Medium
  • Version: DTMO001
  • Vuln IDs: V-6321
  • Rule IDs: SV-6391r1_rule
  • Responsibility: System Administrator
  • IA Controls: DCMC-1

Outlook needs to run in the context of the restricted sites zone so that, when it processes messages in HTML format, the content of the message is controlled and the machine is protected from automatically executing mobile code.
Checks: C-599r1_chk

Procedure: Start the Outlook application. On the Tools menu, select the Options… item. On the Options window, select the Security tab. Determine the value of the Zone option.

Criteria: If the Zone option specifies a value other than Restricted sites, then this is a Finding.

Fix: F-5844r1_fix

In Outlook go to the Tools menu and select the Options... item. In the Options window, select the Security tab. Change the value of the Zone option to Restricted sites only.

Outlook is not configured to read HTML as text.
Medium - V-6323 - SV-6393r1_rule

  • Severity: Medium
  • Version: DTMO003
  • Vuln IDs: V-6323
  • Rule IDs: SV-6393r1_rule
  • Responsibility: System Administrator
  • IA Controls: DCMC-1

HTML in email can potentially contain mobile code. This parameter ensures that mobile code cannot be executed either in the preview pane or when the message is opened.
Checks: C-601r1_chk

Procedure: Start the Outlook application. On the Tools menu, select the Options… item. On the Options window, select Preferences. Examine the E-Mail options.

Criteria: If the "Read all standard mail in plain text" check box is checked, this is not a finding.

This check only applies to Office XP and 2003.

Fix: F-5846r1_fix

In Outlook go to the Tools menu and select the Options... item. On the Options window, select Preferences and examine the E-Mail options. Make sure the "Read all standard mail in plain text" check box is checked.

An unsupported version of Office is installed.
High - V-6324 - SV-6394r2_rule

  • Severity: High
  • Version: DTOG001
  • Vuln IDs: V-6324
  • Rule IDs: SV-6394r2_rule
  • Responsibility: System Administrator
  • IA Controls: ECSC-1

Unsupported vendor software is not being updated or evaluated for security vulnerabilities.
Checks: C-55617r1_chk

If running any Office 2003 version software, this is a finding.

Fix: F-5847r3_fix

Upgrade to Office 2007 or higher.

The latest Office service pack is not installed.
Medium - V-6325 - SV-6395r1_rule

  • Severity: Medium
  • Version: DTOG002
  • Vuln IDs: V-6325
  • Rule IDs: SV-6395r1_rule
  • Responsibility: System Administrator
  • IA Controls: ECSC-1

The latest service pack needs to be applied to ensure all security-related patches are incorporated and that the software is at a supported service level.
Checks:

Fix: F-5848r1_fix

For Office XP, if any of the files exist and are at a lower level than those listed, install a higher level file that meets or exceeds requirements. These versions represent having Office XP SP 3 installed.

  • Excel.exe 10.0.6501.0
  • Frontpg.exe 10.0.6308.0
  • Msaccess.exe 10.0.6501.0
  • Mspub.exe 10.0.6308.0
  • Outlook.exe 10.0.6626.0
  • Powerpnt.exe 10.0.6501.0
  • Winword.exe 10.0.6612.0

For Office 2000, if any of the files exist and are at a lower level than those listed, install a higher level file that meets or exceeds requirements. These versions represent having Office 2000 SP 3 installed.

  • Microsoft Access: Msaccess.exe 9.0.6926
  • Microsoft Excel: Excel.exe 9.0.6926
  • Microsoft Outlook: Outlook.exe 9.0.0.6627
  • Microsoft PowerPoint: Powerpnt.exe 9.0.6620
  • Microsoft Word: Winword.exe 9.0.6926

For Office 2003, if any of the files exist and are at a lower level than those listed, install a higher level file that meets or exceeds requirements. These versions represent having Office 2003 SP 1 installed.

  • Excel.exe 11.0.6355.0
  • Frontpg.exe 11.0.6356.0
  • Infopath.exe 11.0.6357.0
  • Msaccess.exe 11.0.6355.0
  • Outlook.exe 11.0.6353.0
  • Powerpnt.exe 11.0.6361.0
  • Winword.exe 11.0.6359.0
  • Mspub.exe 11.0.6255.0

Please note that in many cases Office service packs are not cumulative and there are level sets that must be installed before the current service pack.
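The Office 2003 comparison above can be scripted. The following is an added example, not part of the STIG; the install directory is an assumed default and the function name is hypothetical, and it assumes Windows PowerShell 3.0 or later.

```powershell
# Added example: compare installed Office 2003 binaries with the SP1 minimums listed in the fix text.
$OfficeDir = 'C:\Program Files\Microsoft Office\OFFICE11'   # assumption: default install path

# Minimum file versions for Office 2003 SP1, copied from the fix text above.
$baseline = [ordered]@{
    'Excel.exe'    = '11.0.6355.0'
    'Frontpg.exe'  = '11.0.6356.0'
    'Infopath.exe' = '11.0.6357.0'
    'Msaccess.exe' = '11.0.6355.0'
    'Outlook.exe'  = '11.0.6353.0'
    'Powerpnt.exe' = '11.0.6361.0'
    'Winword.exe'  = '11.0.6359.0'
    'Mspub.exe'    = '11.0.6255.0'
}

function Compare-OfficeBaseline {   # hypothetical helper name
    param([string]$Dir, [System.Collections.IDictionary]$Minimums)
    foreach ($name in $Minimums.Keys) {
        $path = Join-Path $Dir $name
        $min  = [version]$Minimums[$name]
        if (-not (Test-Path -LiteralPath $path)) {
            # The fix text only covers files that exist, so a missing file is reported, not failed.
            [pscustomobject]@{ File = $name; Found = $null; Minimum = $min; Status = 'Not installed' }
            continue
        }
        # Build the version from the numeric parts; the FileVersion string can carry extra text.
        $vi = (Get-Item -LiteralPath $path).VersionInfo
        $found = New-Object System.Version -ArgumentList `
            $vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart
        # [version] compares field by field, so 11.0.10000.0 sorts above 11.0.6355.0
        # (a plain string comparison would get this wrong).
        $status = if ($found -lt $min) { 'Finding' } else { 'OK' }
        [pscustomobject]@{ File = $name; Found = $found; Minimum = $min; Status = $status }
    }
}

Compare-OfficeBaseline -Dir $OfficeDir -Minimums $baseline | Format-Table -AutoSize
```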

The Macro Security Level option in Office 2000, XP (2002), or 2003 applications is not set to Medium, High, or Very High.
Medium - V-6326 - SV-6396r1_rule

  • Severity: Medium
  • Version: DTOO001
  • Vuln IDs: V-6326
  • Rule IDs: SV-6396r1_rule
  • Responsibility: System Administrator
  • IA Controls: DCMC-1

The security level controls the action of macros. Macros can be embedded into documents to be executed at the time the document is opened. This can potentially initiate a malicious action.
Checks: C-620r1_chk

Procedure: This check must be performed once for each Office 2000 application, once for each Office XP application, and once for each Office 2003 application:

a) Start the MS Word application. On the Tools menu, select the Macro item. On the Macro menu, select the Security… item. On the Security window, select the Security Level tab. On the Security Level tab, determine the value of the Security Level option.

b) Start the MS Excel application. On the Tools menu, select the Macro item. On the Macro menu, select the Security… item. On the Security window, select the Security Level tab. On the Security Level tab, determine the value of the Security Level option.

c) Start the MS PowerPoint application. On the Tools menu, select the Macro item. On the Macro menu, select the Security… item. On the Security window, select the Security Level tab. On the Security Level tab, determine the value of the Security Level option.

d) Start the MS Outlook application. On the Tools menu, select the Macro item. On the Macro menu, select the Security… item. On the Security window, select the Security Level tab. On the Security Level tab, determine the value of the Security Level option.

Criteria: If the Security Level option specifies a value other than Very High, High or Medium in any application, then this is a Finding.

Fix: F-5849r1_fix

For each Office 2000/Office XP/Office 2003 application, perform the check once. Start the application and on the Tools menu, select the Macro item. On the Macro menu, select the Security... item. On the Security window, select the Security Level tab. On the Security Level tab, change the value of the Security Level option so that it specifies Very High, High, or Medium.

The option for trusting all installed add-ins and templates is not disabled.
Medium - V-6327 - SV-6397r1_rule

  • Severity: Medium
  • Version: DTOO002
  • Vuln IDs: V-6327
  • Rule IDs: SV-6397r1_rule
  • Responsibility: System Administrator
  • IA Controls: DCMC-1

This option ensures that macro security warnings are displayed for all add-ins and templates.
Checks: C-621r1_chk

Procedure:

a) Start the MS Word application. On the Tools menu, select the Macro item. On the Macro menu, select the Security… item. On the Security window, select the Security Level tab. On the Security Level tab, determine the value of the Trust all installed add-ins and templates option.

b) Start the MS Excel application. On the Tools menu, select the Macro item. On the Macro menu, select the Security… item. On the Security window, select the Security Level tab. On the Security Level tab, determine the value of the Trust all installed add-ins and templates option.

c) Start the MS PowerPoint application. On the Tools menu, select the Macro item. On the Macro menu, select the Security… item. On the Security window, select the Security Level tab. On the Security Level tab, determine the value of the Trust all installed add-ins and templates option.

d) Start the MS Outlook application. On the Tools menu, select the Macro item. On the Macro menu, select the Security… item. On the Security window, select the Security Level tab. On the Security Level tab, determine the value of the Trust all installed add-ins and templates option.

e) Start the MS Project application. On the Tools menu, select the Macro item. On the Macro menu, select the Security… item. On the Security window, select the Security Level tab. On the Security Level tab, determine the value of the Trust all installed add-ins and templates option.

Criteria: If the Trust all installed add-ins and templates option is checked, then this is a Finding.

Fix: F-5850r1_fix

For MS Word, MS Excel, MS PowerPoint, MS Outlook, and MS Project start each application and go to the Tools menu. On the Tools menu, select the Macro item followed by the Security... item. On the Security window, select the Security Level tab. Uncheck the box for Trust all installed add-ins and templates.

The Error Reporting tool for Office XP/2003 is installed or enabled.
Medium - V-6328 - SV-6398r1_rule

  • Severity: Medium
  • Version: DTOO003
  • Vuln IDs: V-6328
  • Rule IDs: SV-6398r1_rule
  • Responsibility: System Administrator
  • IA Controls: ECSC-1

This could potentially send sensitive application data to the vendor and needs to be disabled.
Checks: C-626r1_chk

Procedure: Use the Windows Registry Editor to navigate to the following key for Office XP: HKCU\Software\Policies\Microsoft\Office\10.0\Common. Look for the DWNeverUpload, DWNoExternalURL, DWNoFileCollection, and DWNoSecondLevelCollection value names.

Use the Windows Registry Editor to navigate to the following key for Office 2003: HKCU\Software\Policies\Microsoft\PCHealth\ErrorReporting\DW. Look for the DWReportee or DWNeverUpload value names.

Criteria: For Office XP, if the value data for DWNeverUpload, DWNoExternalURL, DWNoFileCollection, and DWNoSecondLevelCollection is not 1 (the number one) or the key is not found, then this is a Finding. For Office 2003, if the value data for DWReportee or DWNeverUpload entry is not 1 (the number one) or the key is not found, this is a finding.

Fix: F-5851r1_fix

For Office XP, navigate to registry key HKCU\Software\Policies\Microsoft\Office\10.0\Common. Change the values for DWNeverUpload, DWNoExternalURL, DWNoFileCollection, and DWNoSecondLevelCollection to 1 (the number one). If the key does not exist, add it with the values at 1. For Office 2003, change the value of DWReportee or DWNeverUpload to 1 (the number one). If either key does not exist, add it with the value 1.

Office 2003 Customer Experience Improvement Program
Medium - V-12781 - SV-13346r1_rule

  • Severity: Medium
  • Version: DTOO004
  • Vuln IDs: V-12781
  • Rule IDs: SV-13346r1_rule
  • Responsibility: System Administrator
  • IA Controls: ECAN-1

When sending data as part of the Customer Experience Improvement Program there is a possibility of exposing sensitive data.
Checks: C-9326r1_chk

Use the Windows Registry Editor to navigate to the following key for Office 2003 (HKCU): HKEY_CURRENT_USER\Software\Microsoft\Office\Common. Look for the QMEnable value.

Criteria: For Office 2003, if the data for QMEnable value entry is not 0 or the key is not found, this is a finding.

Fix: F-12307r1_fix

Use the Windows Registry Editor to navigate to the following key for Office 2003 (HKCU): HKEY_CURRENT_USER\Software\Microsoft\Office\Common. Look for the QMEnable value.

Criteria: For Office 2003, ensure that the QMEnable value entry is present and set to 0.
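The registry checks for V-6328 (Error Reporting) and V-12781 (QMEnable) can be evaluated together. The following is an added example, not part of the STIG; the function names are hypothetical, it assumes Windows PowerShell 3.0 or later, and it assumes that for Office 2003 either DWReportee or DWNeverUpload set to 1 satisfies V-6328.

```powershell
# Added example. Reads the current user's hive (HKCU), so run it as the account under review.
$checks = @(
    @{ Rule = 'V-6328 (Office XP)'; Expected = 1; RequireAll = $true
       Key = 'HKCU:\Software\Policies\Microsoft\Office\10.0\Common'
       Names = 'DWNeverUpload', 'DWNoExternalURL', 'DWNoFileCollection', 'DWNoSecondLevelCollection' },
    # Assumption: the criteria say "DWReportee or DWNeverUpload", read here as "either one is enough".
    @{ Rule = 'V-6328 (Office 2003)'; Expected = 1; RequireAll = $false
       Key = 'HKCU:\Software\Policies\Microsoft\PCHealth\ErrorReporting\DW'
       Names = 'DWReportee', 'DWNeverUpload' },
    @{ Rule = 'V-12781'; Expected = 0; RequireAll = $true
       Key = 'HKCU:\Software\Microsoft\Office\Common'
       Names = 'QMEnable' }
)

function Get-ValueOrNull {          # hypothetical helper name
    param([string]$Key, [string]$Name)
    # A missing key and a missing value both come back as $null.
    $item = Get-ItemProperty -Path $Key -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

function Test-StigRegistryRule {    # hypothetical helper name
    param([hashtable]$Check)
    $rows = foreach ($name in $Check.Names) {
        $data = Get-ValueOrNull -Key $Check.Key -Name $name
        # Explicit null test: a missing QMEnable must count as a finding, never as 0.
        $match = ($null -ne $data) -and ($data -eq $Check.Expected)
        [pscustomobject]@{ Name = $name; Data = $data; Match = $match }
    }
    $passed = @($rows | Where-Object { $_.Match }).Count
    $needed = if ($Check.RequireAll) { @($rows).Count } else { 1 }
    $detail = foreach ($r in $rows) {
        $shown = if ($null -eq $r.Data) { '<missing>' } else { $r.Data }
        '{0}={1}' -f $r.Name, $shown
    }
    [pscustomobject]@{
        Rule   = $Check.Rule
        Status = if ($passed -ge $needed) { 'Not a finding' } else { 'Finding' }
        Detail = $detail -join ', '
    }
}

$checks | ForEach-Object { Test-StigRegistryRule -Check $_ } | Format-Table -AutoSize
```

On a host with only one Office version installed, the rule for the other version will report a Finding because its policy key is absent; review only the row that matches the installed version.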