Checklist Summary:

The Windows 8 Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus, as well as Windows security guidance by Microsoft Corporation. The vulnerabilities discussed in this document are applicable to Windows 8 Professional and Enterprise Editions.

Checklist Role:

• Operating System

Known Issues:

Not provided

Target Audience:

This document is a requirement for all DoD administered systems and all systems connected to DoD networks. These requirements are designed to assist Security Managers (SMs), Information Assurance Managers (IAMs), IAOs, and System administrators (SAs) with configuring and maintaining security controls. This guidance supports DoD system design, development,implementation, certification, and accreditation efforts.

Target Operational Environment:

• Managed
• Specialized Security-Limited Functionality (SSLF)

Testing Information:

The vulnerabilities discussed in this document are applicable to Windows 8 Professional and Enterprise Editions.

Regulatory Compliance:

Department of Defense [DoD] Directive 8500

Comments/Warnings/Miscellaneous:

Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document.

Disclaimer:

Not provided

Product Support:

Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document.

Point of Contact:

Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil. DISA Field Security Operations (FSO) will coordinate all change requests with the relevant DoD organizations before inclusion in this document.

Sponsor:

Not provided

Licensing:

Not provided

Change History:

Updated status from "Under Review" to "Final" - 30 June 2015
Version 1, Release 7 - 25 July 2014 (SCAP 1.0)
Version 1, Release 6 - 25 April 2014 (SCAP 1.0)
Version 1, Release 5 - 25 April 2014 (XCCDF)
Version 1, Release 4 - 24 January 2014
Version 1, Release 3 - 24 November 2013
Version 1, Release 3 - 25 October 2013
Version 1, Release 2 - 24 July 2013
Version 1, Release 1 - 15 February 2013
Version 1, Release 8 - 28 January 2015
Benchmark Version 1, Release 10 - 18 May 2015
Standalone XCCDF - Version 1, Release 9 - 18 May 2015
Version 1, Release 11 - 30 October 2015
Changed status from "Under Review" to "Final" - 17 December 2015
Version 1, Release 12 - 8 February 2016
3/15/2016 - Promote to Final
5/2/2016 - Version 1, Release 13
moved to FINAL - 6/7/2016
updated to - v1, r14 - 07/22/2016
Updated to FINAL - 09/12/2016
Updated STIG to Version 1, Release 15 - 10/28/2016
updated to FINAL - 12/07/2016
Updated to Ver 1, Rel 17 - 01/27/2017
Updated to FINAL - 03/13/2017
Updated to Version 1, Release 17 - 04/28/2017
Updated to FINAL - 05/30/2017
null
Updated URL to reflect change to the DISA website - http --> https
Updated to FINAL - 09/07/2017
Updated - 11/01/2017
Updated to FINAL - 12/02/2017
Updated to Version 1, Release 20 - 02/16/2018
Updated to FINAL - 3/18/2018
sunset - 4/25/18
updated GPO file - 2/8/19
Updated URLs - 6/12/19
updated URLs - 9/11/19
Updated GPO file - 10/31/19
Updated GPO file per DISA - 1/29/2020
Updated GPO file per DISA - 2/3/2020
updated GPO file - 3/6/2020
updated resource title per DISA - 3/12/2020
updated URLs - 6/8/2020
Updated URLs per DISA - 7/7/2020
Updated GPO file per DISA - 8/5/2020
updated GPO file - 10/29/2020
Updated GPO per DISA - 5/2/22
null
null
Updated GPO per DISA - 5/29/22
null

Dependency/Requirements:

URL	Description

References:

Reference URL	Description

NIST checklist record last modified on 06/10/2022