STIGQter: STIG Summary: Microsoft Office System 2013 Security Technical Implementation Guide, Version: 2, Release: 1, Benchmark Date: 23 Oct 2020

The encryption type for password protected Open XML files must be set.

DISA Rule

SV-228548r508020_rule

Vulnerability Number

V-228548

Group Title

SRG-APP-000231

Rule Version

DTOO189

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Office 2013 -> Security Settings "Encryption type for password protected Office Open XML files" to "Enabled (Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256)".

Check Contents

Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2013 >> Security Settings "Encryption type for password protected Office Open XML files" is set to "Enabled (Microsoft Enhanced RSA and AES Cryptographic Provider, AES 256,256)".

Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\15.0\common\security

If the value 'OpenXMLEncryption' is REG_SZ = "Microsoft Enhanced RSA and AES Cryptographic Provider, AES 256,256", this is not a finding.
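
The registry check above as a PowerShell function, added here as an example and not part of the STIG text. The function name Test-OpenXmlEncryptionPolicy is hypothetical; the example assumes a missing, non-REG_SZ or different value is a finding, and it ignores whitespace around commas because this page writes the value both with and without a space after "Provider,".

```powershell
# Added example: audits the OpenXMLEncryption policy value for the current user.
# The function name and the whitespace-tolerant comparison are assumptions.
function Test-OpenXmlEncryptionPolicy {
    [CmdletBinding()]
    param(
        [string]$KeyPath  = 'HKCU:\Software\Policies\Microsoft\Office\15.0\common\security',
        [string]$Expected = 'Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256'
    )

    # Collapse whitespace around commas so "Provider, AES 256,256" and
    # "Provider,AES 256,256" compare equal.
    $normalize = { param($s) ($s -replace '\s*,\s*', ',').Trim() }

    $result = [ordered]@{
        KeyPath = $KeyPath
        Value   = $null
        Kind    = $null
        Finding = $true
        Reason  = ''
    }

    $key = Get-Item -LiteralPath $KeyPath -ErrorAction SilentlyContinue
    if (-not $key) {
        $result.Reason = 'Policy key does not exist'
        return [pscustomobject]$result
    }
    if ($key.GetValueNames() -notcontains 'OpenXMLEncryption') {
        $result.Reason = 'OpenXMLEncryption value is not set'
        return [pscustomobject]$result
    }

    $result.Value = $key.GetValue('OpenXMLEncryption')
    $result.Kind  = $key.GetValueKind('OpenXMLEncryption')

    if ($result.Kind -ne [Microsoft.Win32.RegistryValueKind]::String) {
        $result.Reason = 'Value is not REG_SZ'
    }
    elseif ((& $normalize $result.Value) -ne (& $normalize $Expected)) {
        $result.Reason = 'Value does not match the required setting'
    }
    else {
        $result.Finding = $false
        $result.Reason  = 'Matches the required setting'
    }
    [pscustomobject]$result
}

Test-OpenXmlEncryptionPolicy
```

Because the key is under HKCU, run the function in the session of the user being assessed; an elevated or service context reads a different hive.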

Documentable

False

Severity Override Guidance

Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2013 >> Security Settings "Encryption type for password protected Office Open XML files" is set to "Enabled (Microsoft Enhanced RSA and AES Cryptographic Provider, AES 256,256)".

Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\15.0\common\security

If the value 'OpenXMLEncryption' is REG_SZ = "Microsoft Enhanced RSA and AES Cryptographic Provider, AES 256,256", this is not a finding.

Check Content Reference

M

Target Key

4227

Comments