An error occurred:

Check: DTOO237 - Outlook

Microsoft Outlook 2007: DTOO237 - Outlook (in versions v4 r16 through v4 r15)

Title

Disable the "remember password" for internet e-mail accounts - Outlook. (Cat II impact)

Discussion

As a security precaution, password caching for eMail Internet protocols such as POP3 or IMAP may lead to password discovery and evantually to data loss.

Check Content

The policy value for User Configuration -> Administrative Templates -> Microsoft Office Outlook 2007 -> Security “Disable ‘Remember password’ for Internet e-mail accounts” will be set to “Enabled”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\12.0\Outlook\Security Criteria: If the value EnableRememberPwd is REG_DWORD = 0, this is not a finding.

Fix Text

The policy value for User Configuration -> Administrative Templates -> Microsoft Office Outlook 2007 -> Security “Disable ‘Remember password’ for Internet e-mail accounts” will be set to “Enabled”.

Additional Identifiers

Rule ID: SV-18712r1_rule

Vulnerability ID: V-17587

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
No CCIs are assigned to this check

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
No controls are assigned to this check