STIGQter STIGQter: STIG Summary: Microsoft Office System 2013 STIG Version: 1 Release: 9 Benchmark Date: 25 Oct 2019: The encryption type for password protected Open XML files must be set.

DISA Rule

SV-52726r5_rule

Vulnerability Number

V-17619

Group Title

DTOO189 - Encryption Type for Pwd Protected files

Rule Version

DTOO189

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Office 2013 -> Security Settings "Encryption type for password protected Office Open XML files" to "Enabled (Microsoft Enhanced RSA and AES Cryptographic Provider,AES 256,256)".

Check Contents

Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2013 >> Security Settings "Encryption type for password protected Office Open XML files" is set to "Enabled (Microsoft Enhanced RSA and AES Cryptographic Provider, AES 256,256)".

Use the Windows Registry Editor to navigate to the following HKCU\Software\Policies\Microsoft\Office\15.0\common\security

If the value “OpenXMLEncryption” is REG_SZ = "Microsoft Enhanced RSA and AES Cryptographic Provider, AES 256,256", this is not a finding.

Vulnerability Number

V-17619

Documentable

False

Rule Version

DTOO189

Severity Override Guidance

Verify the policy value for User Configuration >> Administrative Templates >> Microsoft Office 2013 >> Security Settings "Encryption type for password protected Office Open XML files" is set to "Enabled (Microsoft Enhanced RSA and AES Cryptographic Provider, AES 256,256)".

Use the Windows Registry Editor to navigate to the following HKCU\Software\Policies\Microsoft\Office\15.0\common\security

If the value “OpenXMLEncryption” is REG_SZ = "Microsoft Enhanced RSA and AES Cryptographic Provider, AES 256,256", this is not a finding.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

2480

Comments