STIGQter: STIG Summary: Microsoft Outlook 2010 STIG Version: 1 Release: 13 Benchmark Date: 27 Apr 2018:

Digital signatures must be allowed.

DISA Rule

SV-33504r1_rule

Vulnerability Number

V-17673

Group Title

DTOO227 - Digital Signature handling

Rule Version

DTOO227 - Outlook

Severity

CAT II

CCI(s)

• CCI-002450 - The information system implements organization-defined cryptographic uses and type of cryptography required for each use in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.

Weight

10

Fix Recommendation

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2010-> Outlook Options -> Mail format “Do not allow signatures for e-mail messages” to “Disabled”.

Check Contents

The policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2010-> Outlook Options -> Mail format “Do not allow signatures for e-mail messages” must be set to “Disabled”.

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\14.0\common\mailsettings

Criteria: If the value DisableSignatures is REG_DWORD = 0, this is not a finding.

Vulnerability Number

V-17673

Documentable

False

Rule Version

DTOO227 - Outlook

Severity Override Guidance

The policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2010-> Outlook Options -> Mail format “Do not allow signatures for e-mail messages” must be set to “Disabled”.

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\14.0\common\mailsettings

Criteria: If the value DisableSignatures is REG_DWORD = 0, this is not a finding.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

2024

Comments