STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to STIGs

Microsoft Word 2016 Security Technical Implementation Guide

Version

V2R1

Release Date

Nov 25, 2025

SCAP Benchmark ID

Microsoft_Word_2016

Total Checks

35

Tags

other
CAT I: 1CAT II: 34CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKLExport CSVExport JSONDownload STIG ZIP

Checks (35)

V-238121MEDIUMDisabling of user name and password syntax from being used in URLs must be enforced.V-238122MEDIUMBlocking as default file block opening behavior must be enforced.V-238123MEDIUMThe Internet Explorer Bind to Object functionality must be enabled.V-238124MEDIUMSaved from URL mark to assure Internet zone processing must be enforced.V-238125MEDIUMConfiguration for file validation must be enforced.V-238126MEDIUMFiles from the Internet zone must be opened in Protected View.V-238127MEDIUMNavigation to URLs embedded in Office products must be blocked.V-238128MEDIUMScripted Window Security must be enforced.V-238129MEDIUMAdd-on Management functionality must be allowed.V-238130MEDIUMAdd-ins to Office applications must be signed by a Trusted Publisher.V-238131MEDIUMLinks that invoke instances of Internet Explorer from within an Office product must be blocked.V-238132MEDIUMTrust Bar Notifications for unsigned application add-ins must be blocked.V-238133MEDIUMFile Downloads must be configured for proper restrictions.V-238134MEDIUMAll automatic loading from trusted locations must be disabled.V-238135MEDIUMDisallowance of trusted locations on the network must be enforced.V-238136MEDIUMThe Save commands default file format must be configured.V-238137MEDIUMForce encrypted macros to be scanned in open XML documents must be determined and configured.V-238138MEDIUMTrust access for VBA must be disallowed.V-238139MEDIUMProtection from zone elevation must be enforced.V-238140MEDIUMActiveX Installs must be configured for proper restriction.V-238141MEDIUMFiles in unsafe locations must be opened in Protected View.V-238142MEDIUMDocument behavior if file validation fails must be set.V-238143MEDIUMAttachments opened from Outlook must be in Protected View.V-238144MEDIUMThe automatically update links feature must be disabled.V-238145MEDIUMWarning Bar settings for VBA macros must be configured.V-238146MEDIUMOnline translation dictionaries must not be used.V-238147MEDIUMWord 2 and earlier binary documents and templates must be blocked for open/save.V-238148MEDIUMWord 2000 binary documents and templates must be configured to edit in protected view.V-238149MEDIUMWord 6.0 binary documents and templates must be configured for block open/save actions.V-238150MEDIUMWord 95 binary documents and templates must be configured to edit in protected view.V-238151MEDIUMWord 97 binary documents and templates must be configured to edit in protected view.V-238152MEDIUMWord XP binary documents and templates must be configured to edit in protected view.V-238153MEDIUMMacros must be blocked from running in Office files from the Internet.V-238154MEDIUMFiles on local Intranet UNC must be opened in Protected View.V-279951HIGHThe version of Word running on the system must be a supported version.