UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The McAfee MOVE AV SVM Settings policy must be configured to scan for Multipurpose Internet Mail Extensions (MIME)-encoded files.


Overview

Finding ID Version Rule ID IA Controls Severity
V-78573 MV45-SVM-000006 SV-93279r1_rule Medium
Description
Multipurpose Internet Mail Extensions (MIME) encoded files can be crafted to hide a malicious payload. When the MIME encoded file is presented to software that decodes the MIME encoded files, such as an email client, the malware is released. Scanning these files as part of the regularly scheduled scans tasks will mitigate this risk.
STIG Date
McAfee MOVE AV Multi-Platform 4.5 Security Technical Implementation Guide 2018-07-09

Details

Check Text ( C-78143r1_chk )
Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list.

From the Category list, select "SVM Settings".

Select each configured SVM Settings policy.

Click "Show Advanced".

Under "Scanning Options", verify the "Enabled scanning for MIME-encoded files" check box is selected.

If the "Enabled scanning for MIME-encoded files" is not selected, this is a finding.
Fix Text (F-85309r1_fix)
Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list.

From the Category list, select "SVM Settings".

Select each configured SVM Settings policy.

Click "Show Advanced".

Under "Scanning Options", select the "Enabled scanning for MIME-encoded files" check box.

Click "Save".