The Defense Information Systems Agency has released the following out-of-cycle Security Technical Implementation Guide (STIG) and Security Content Automation Protocol (SCAP) benchmark updates, which become effective immediately upon release:

 

Active Directory Domain STIG – Ver 3, Rel 3

Microsoft Windows 10 STIG – Ver 2, Rel 6

Microsoft Windows 11 STIG – Ver 1, Rel 3

Microsoft Windows 2012 and 2012 R2 DC STIG – Ver 3, Rel 6

Microsoft Windows 2012 and 2012 R2 MS STIG – Ver 3, Rel 6

Microsoft Windows Server 2016 STIG – Ver 2, Rel 6

Microsoft Windows Server 2019 STIG – Ver 2, Rel 6

Microsoft Windows Server 2022 STIG – Ver 1, Rel 2

 

Microsoft Defender Antivirus STIG Benchmark – Ver 2, Rel 4

Microsoft Windows 10 STIG Benchmark – Ver 2, Rel 8

Microsoft Windows 11 STIG Benchmark – Ver 1, Rel 2

Microsoft Windows Firewall STIG Benchmark – Ver 2, Rel 2

Microsoft Windows Server 2012 and 2012 R2 DC STIG Benchmark – Ver 3, Rel 5

Microsoft Windows Server 2012 and 2012 R2 MS STIG Benchmark – Ver 3, Rel 5

Microsoft Windows Server 2016 STIG Benchmark – Ver 2, Rel 4

Microsoft Windows Server 2019 STIG Benchmark – Ver 2, Rel 4

Microsoft Windows Server 2022 STIG Benchmark – Ver 1, Rel 2

 

The Group Policy Objects file was updated previously (refer to April posting) to reflect these STIG updates.

 

Customers who possess a Common Access Card (CAC) that has valid Department of Defense (DOD) certificates can obtain the files from the DOD Cyber Exchange website at https://cyber.mil/stigs/downloads/. The files are also available on the Cyber Exchange public site at https://public.cyber.mil/stigs/downloads/.

 

Users who are unable to find and download the files can report their issue to the Cyber Exchange web team at dod.cyberexchange@mail.mil. Individuals who have further questions related to STIG content should email the DISA STIG customer support desk at disa.stig_spt@mail.mil.