STIGQter: STIG Summary: Microsoft Outlook 2013 STIG Version: 1 Release: 13 Benchmark Date: 26 Oct 2018:

The ability to add signatures to email messages must be allowed.

DISA Rule

SV-53886r1_rule

Vulnerability Number

V-17673

Group Title

DTOO227 - Digital Signature handling

Rule Version

DTOO227

Severity

CAT II

CCI(s)

• CCI-002450 - The information system implements organization-defined cryptographic uses and type of cryptography required for each use in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.

Weight

10

Fix Recommendation

Set the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2013 -> Outlook Options -> Mail format "Do not allow signatures for e-mail messages" to "Disabled".

Check Contents

Verify the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2013-> Outlook Options -> Mail format "Do not allow signatures for e-mail messages" is set to "Disabled".

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\15.0\common\mailsettings

Criteria: If the value DisableSignatures is REG_DWORD = 0, this is not a finding.

Vulnerability Number

V-17673

Documentable

False

Rule Version

DTOO227

Severity Override Guidance

Verify the policy value for User Configuration -> Administrative Templates -> Microsoft Outlook 2013-> Outlook Options -> Mail format "Do not allow signatures for e-mail messages" is set to "Disabled".

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\15.0\common\mailsettings

Criteria: If the value DisableSignatures is REG_DWORD = 0, this is not a finding.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

2482

Comments