Microsoft Office 365 ProPlus STIG

Microsoft Office 365 ProPlus Security Technical Implementation Guide

ID Vuln ID Title Cat Status
O365-EX-000027 V-223336 Macros must be blocked from running in Excel files from the Internet. Cat II
O365-OU-000020 V-223365 When a custom action is executed that uses the Outlook object model, Outlook must automatically deny it. Cat II
O365-OU-000016 V-223361 The display of Level 1 attachments must be disabled in Outlook. Cat II
O365-OU-000018 V-223363 Level 2 file attachments must be blocked from being delivered. Cat II
O365-EX-000030 V-223339 Untrusted database files must be opened in Excel in Protected View mode. Cat II
O365-WD-000016 V-223415 In Word, macros must be blocked from running, even if Enable all macros is selected in the Macro Settings section of the Trust Center. Cat II
O365-EX-000001 V-223310 Trusted Locations on the network must be disabled in Excel. Cat II
O365-VI-000001 V-223393 VBA Macros not digitally signed must be blocked in Visio. Cat II
O365-OU-000013 V-223358 Outlook must be configured to allow retrieving of Certificate Revocation Lists (CRLs) always when online. Cat II
O365-WD-000015 V-223414 Open/Save of Word XP binary documents and templates must be blocked. Cat II
O365-WD-000014 V-223413 Open/Save of Word 97 binary documents and templates must be blocked. Cat II
O365-CO-000015 V-223297 Consistent MIME handling must be enabled for all Office 365 ProPlus programs. Cat II
O365-EX-000007 V-223316 Open/save of Excel 2 macrosheets and add-in files must be blocked. Cat II
O365-EX-000010 V-223319 Open/save of Excel 3 worksheets must be blocked. Cat II
O365-VI-000006 V-223398 Visio 5.0 or earlier Binary Drawings, Templates and Stencils must be blocked. Cat II


Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.

Version Changes

If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.