DTOO203 – Legacy format signatures must be enabled.

Details

Office applications use the XML-based XMLDSIG format to attach digital signatures to documents, including Office 97-2003 binary documents. XMLDSIG signatures are not recognized by Office 2003 applications or previous versions. If an Office user opens an Excel, PowerPoint, or Word binary document with an XMLDSIG signature attached, the signature will be lost.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Office 2013 -> Signing ‘Legacy format signatures’ to ‘Enabled’.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_OfficeSystem_2013_V2R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.

References

800-53|CM-6b.
CAT|II
CCI|CCI-000366
Rule-ID|SV-228520r508020_rule
STIG-ID|DTOO203
STIG-Legacy|SV-52751
STIG-Legacy|V-17749
Vuln-ID|V-228520

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles