Microsoft Outlook 2003



Version / Release: V4R4

Published: 2014-10-03

Updated At: 2018-09-23 04:10:44




Vuln Rule Version CCI Severity Title Description
SV-6390r1_rule DTMG001 HIGH An unsupported version of Outlook is installed. Without product support, vulnerabilities are not being tracked or fixed by the vendor. System AdministratorECSC-1
SV-6391r1_rule DTMO001 MEDIUM Outlook is not configured to use the Restricted Sites Security Zone. Outlook needs to run in the context of the restricted sites zone so when it processes messages in an HTML format the content of the message is controlled and the machine is protected from automatically executing mobile code.System AdministratorDCMC-1
SV-6393r1_rule DTMO003 MEDIUM Outlook is not configured to read HTML as text. HTML in email can potentially contain mobile code. This parameter will ensure that mobile code can not be executed in either the preview pane or when the message is opened.System AdministratorDCMC-1
SV-6394r2_rule DTOG001 HIGH An unsupported version of Office is installed. Unsupported vendor software is not being updated or evaluated for security vulnerabilities.System AdministratorECSC-1
SV-6395r1_rule DTOG002 MEDIUM The latest Office service pack is not installed. The lastest service pack needs to be applied to ensure all security related patches are incorporated and that the software is a t supported service level.System AdministratorECSC-1
SV-6396r1_rule DTOO001 MEDIUM The Macro Security Level option in Office 2000, XP (2002), or 2003 applications is not set to Medium, High, or Very High. The security level controls the action of macros. Macros can be embedded into documents to be executed at the time the document is opened. This can potentially intitiate a malicious action.System AdministratorDCMC-1
SV-6397r1_rule DTOO002 MEDIUM The option for trusting all installed add-ins and templates is not disabled. This option ensures that macro security warning are displayed for all addins and templates. System AdministratorDCMC-1
SV-6398r1_rule DTOO003 MEDIUM The Error Reporting tool for Office XP/2003 is installed or enabled. This could potentially send sensitive application data to the vendor and needs to be disabled.System AdministratorECSC-1
SV-13346r1_rule DTOO004 MEDIUM Office 2003 Customer Experience Improvement Program When sending data as part of the Customer Experience Improvement Program there is a possibility of exposing sensitive data. System AdministratorECAN-1