DISA releases out-of-cycle Microsoft Windows Server STIG updates
The Defense Information Systems Agency has released an out-of-cycle update for the Microsoft Windows Server 2016, 2019, and 2022 Security Technical Implementation Guides (STIGs), which become effective immediately upon release.
This includes the sunsetting of the Microsoft Windows Server 2016 STIG.
Customers who possess a Common Access Card (CAC) that has valid Department of Defense (DOD) certificates can obtain the files from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The files are also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads.
Users who are unable to find and download the files can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.