Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The macOS system must use an approved antivirus program.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-257224 | APPL-13-002070 | SV-257224r950969_rule | High |
| Description |
|---|
| An approved antivirus product must be installed and configured to run. Malicious software can establish a base on individual desktops and servers. Employing an automated mechanism to detect this type of software will aid in elimination of the software from the operating system. |
| STIG | Date |
|---|---|
| Apple macOS 13 (Ventura) Security Technical Implementation Guide | 2024-02-06 |
Details
| Check Text ( C-60909r950969_chk ) |
|---|
| Verify the macOS system is configured to enforce installation of XProtect Remediator and Gatekeeper updates automatically with the following command: /usr/bin/defaults read /Library/Preferences/com.apple.SoftwareUpdate.plist | /usr/bin/grep "ConfigDataInstall" ConfigDataInstall = 1; If the XProtect service is being used and "ConfigDataInstall" is not set to "1", this is a finding. If XProtect is not active on the system, ask the system administrator (SA) or information system security officer (ISSO) if an approved antivirus solution is loaded on the system. The antivirus solution may be bundled with an approved host-based security solution. If no local antivirus solution is installed on the system, this is a finding. |
| Fix Text (F-60850r905304_fix) |
|---|
| Configure the macOS system to automatically update XProtect by installing the "Restrictions Policy" configuration profile. If XProtect is not being used, install an approved antivirus solution on the system. |