This is a potential security issue, you are being redirected to https://nvd.nist.gov
|Microsoft Access 2003||cpe:/a:microsoft:access:2003 (View CVEs)|
|Microsoft Excel 2003||cpe:/a:microsoft:excel:2003 (View CVEs)|
|Microsoft InfoPath 2003||cpe:/a:microsoft:infopath:2003 (View CVEs)|
|Microsoft Outlook 2003||cpe:/a:microsoft:outlook:2003 (View CVEs)|
|Microsoft PowerPoint 2003||cpe:/a:microsoft:powerpoint:2003 (View CVEs)|
|Microsoft Word 2003||cpe:/a:microsoft:word:2003 (View CVEs)|
This document, and associated STIGs, has set forth requirements based upon having a secured Windows environment as described in various other documents. These documents include various National Security Agency (NSA) guides (found at http://www.nsa.gov/snac/) and the Windows 2000/XP/2003/Vista Addendum available from the IASE web site (http://iase.disa.mil/). The superset of these requirements can be found in the appropriate Windows Checklist, which is also available from the IASE web site. Failure to follow these requirements can significantly diminish the value of many of the specifications in this document. Security controls that are managed through the underlying operating system platform directly affect the strength of the security that surrounds desktop applications. This section highlights some measures that are taken to increase that strength. This section of the document provides the following categories of information: Considerations for the terminology and content of this document Information relevant to general desktop application security that is not specific to an individual product Limited guidance on individual products or categories of products that are not covered in subsequent chapters
The requirements and recommendations set forth in this document will assist Information Assurance Officers (IAO) and Information Assurance Managers (IAMs) in protecting desktop applications in DoD locations hereafter referred to as sites. The responsible Configuration Control Board (CCB) will approve revisions to site systems that could have a security impact.
Although there are a few different operating system platforms for desktop environments, this document addresses applications running on Microsoft Windows platforms. This document does not include specific guidance for UNIX or Linux or Apple desktop environments at this time. The security requirements detailed in this document apply to applications installed on Microsoft Windows Server platforms as well as Microsoft Windows Workstation platforms. On server platforms, the security configuration parameters will be set to at least as restrictive values as those listed in this document.
DoD Directive (DoDD) 8500.1
It must be noted that the guidelines specified should be evaluated in a local, representative test environment before implementation within large user populations. The extensive variety of environments makes it impossible to test these guidelines for all potential software configurations. For some environments, failure to test before implementation may lead to a loss of required functionality.
It should be noted that Field Security Operations (FSO) support for the STIGs, Checklists, and Tools is only available to DoD customers.
Version 4, Release 3 - 27 April 2012 Version 4, Release 2 - 28 October 2011 Version 4, Release 1 - 09 December 2009 (initial release) Updated "Point of Contact" - 16 January 2015 Corrected Title - 05/26/2017 Updated URL to reflect change to the DISA website - http --> https moved to archive status - 4/15/19 Updated URLs - 6/24/19 updated URLs - 9/11/19