DTOO321 – Encrypt document properties must be configured for OLE documents.

Details

This policy setting allows you configure if the document properties are encrypted. This applies to OLE documents (Office 97-2003 compatible) if the application is configured for CAPI RC4. If you enable this policy setting, the document properties will be encrypted. If you disable or do not configure this policy setting, the document properties will not be encrypted.

Solution

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Office 2016 -> Security Settings ‘Encrypt document properties’ to ‘Enabled’.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Office_System_2016_V2R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.

References

800-53|SC-28(1)
CAT|II
CCI|CCI-002476
Rule-ID|SV-238037r650678_rule
STIG-ID|DTOO321
STIG-Legacy|SV-85509
STIG-Legacy|V-70885
Vuln-ID|V-238037

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles