UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

McAfee VirusScan 8.8 Local Client STIG


Overview

Date Finding Count (89)
2015-03-30 CAT I (High): 3 CAT II (Med): 86 CAT III (Low): 0
STIG Description
The McAfee VirusScan 8.8 Local Client STIG is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the NIST 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC II - Mission Support Sensitive)

Finding ID Severity Title
V-42549 High McAfee VirusScan Access Protection Rules must be configured to prevent McAfee services from being stopped.
V-19910 High The antivirus signature file age must not exceed 7 days.
V-6453 High McAfee VirusScan On-Access Scanner General Settings must be configured to enable on-access scanning at system startup.
V-14618 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to enable scanning of scripts.
V-14619 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to block the connection when a threatened file is detected in a shared folder.
V-6618 Medium McAfee VirusScan On-Demand scan must be configured to record scanning activity in a log file.
V-6469 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to notify local users when detections occur.
V-6468 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to scan floppy during shutdown.
V-6612 Medium McAfee VirusScan On-Demand scan must be configured to decode MIME encoded files.
V-6467 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to scan boot sectors.
V-6611 Medium McAfee VirusScan On-Demand scan must be configured to scan inside archives.
V-6616 Medium McAfee VirusScan On-Demand scan actions, When a threat is found must be configured to clean files automatically as first action.
V-6617 Medium McAfee VirusScan On-Demand scan actions, When a threat is found must be configured to delete files automatically if first action fails.
V-6614 Medium McAfee VirusScan On-Demand scan must be configured to find unknown program threats.
V-6615 Medium McAfee VirusScan On-Demand scan must be configured to find unknown macro threats.
V-6588 Medium McAfee VirusScan On Delivery Email Scanner Properties must be configured to find unknown macro threats.
V-6589 Medium McAfee VirusScan On Delivery Email Scanner Properties must be configured to scan inside archives.
V-6583 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to log any failure to scan encrypted files.
V-6586 Medium McAfee VirusScan On Delivery Email Scanner Properties must be configured to enable on-delivery email scanning.
V-6587 Medium McAfee VirusScan On-Delivery Email Scanner must be configured to find unknown program threats and trojans.
V-6585 Medium McAfee VirusScan must be configured to receive DAT and Engine updates.
V-14663 Medium McAfee VirusScan Unwanted Programs Policy must be configured to detect adware.
V-14662 Medium McAfee VirusScan Unwanted Programs Policy must be configured to detect spyware.
V-14661 Medium McAfee VirusScan Buffer Overflow Protection Reports Settings log file size must be restricted, but be configured to at least 10MB.
V-14660 Medium McAfee VirusScan Buffer Overflow Protection Reports Settings must be configured to log buffer overflow protection scan activity.
V-42514 Medium McAfee VirusScan On Delivery Email Scanner Properties, When a threat is found, must be configured to delete attachments if the first action fails.
V-42515 Medium McAfee VirusScan On Delivery Email Scanner Properties must be configured to delete attachments if the first action fails for When an unwanted attachment is found.
V-6601 Medium McAfee VirusScan On-Demand scan must be configured to scan boot sectors.
V-6600 Medium McAfee VirusScan On-Demand scan must be configured to scan all subfolders.
V-6602 Medium McAfee VirusScan On-Demand scan must be configured to scan all files.
V-6604 Medium McAfee VirusScan On-Demand scan must be configured so there are no exclusions from the scan unless exclusions have been documented with, and approved by, the ISSO/ISSM/DAA.
V-6599 Medium McAfee VirusScan On-Demand scan must be configured to scan all fixed disks and running processes.
V-6591 Medium McAfee VirusScan On Delivery Email Scanner Properties must be configured to scan email message body.
V-6590 Medium McAfee VirusScan On Delivery Email Scanner Properties must be configured to decode MIME encoded files.
V-6592 Medium McAfee VirusScan On Delivery Email Scanner Properties, When a threat is found, must be configured to clean attachments as the first action.
V-6597 Medium McAfee VirusScan On-Delivery Email Scanner log file size must be restricted and be configured to be at least 10MB.
V-6596 Medium McAfee VirusScan On Delivery Email Scanner Properties must be configured to record scanning activity in a log file.
V-42563 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to not exclude any script processes from being scanned unless the process exclusions have been documented with, and approved by, the ISSO/ISSM/DAA.
V-42562 Medium McAfee VirusScan Access Protection Rules Anti-Virus Standard Protection must be set to prevent IRC communication.
V-42561 Medium McAfee VirusScan Access Protection Rules Anti-Virus Standard Protection must be set to prevent mass mailing worms from sending mail.
V-42560 Medium McAfee VirusScan Access Protection Rules Anti-Virus Standard Protection must be set to prevent remote creation of autorun files.
V-42567 Medium McAfee VirusScan On-Demand scan actions, When an unwanted program is found must be configured to delete files automatically if first action fails.
V-42566 Medium McAfee VirusScan On-Demand scan actions, When an unwanted program is found must be configured to clean files automatically as first action.
V-42565 Medium McAfee VirusScan On-Demand scan must be configured to scan memory for rootkits.
V-42564 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to not exclude any files from being scanned unless exclusions have been documented with, but also be approved by the ISSO/ISSM/DAA.
V-42569 Medium McAfee VirusScan On-Delivery Email Scanner Artemis sensitivity level must be configured to Medium or higher.
V-42568 Medium McAfee VirusScan General Options settings must be configured to not allow On-Demand scans to utilize the scan cache.
V-35027 Medium McAfee VirusScan On-Access Scanner General Settings Artemis Heuristic network check for suspicious files must be enabled and set to sensitivity level Medium or higher.
V-6620 Medium McAfee VirusScan On-Demand scan log file size must be restricted, but be configured to at least 10MB.
V-6627 Medium McAfee VirusScan On-Demand scan must be scheduled to be executed at least on a weekly basis.
V-6625 Medium McAfee VirusScan On-Demand scan must be configured to log any failure to scan encrypted files.
V-42570 Medium McAfee VirusScan On-Delivery Email Scanner must be configured to send a notification email to the IAO, IAM and/or ePO administrator when a threatening email message is detected.
V-42571 Medium McAfee VirusScan On-Delivery Email Scanner must be configured to log session summary and failure to scan encrypted files.
V-42572 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to not exclude any script URLs from being scanned unless the URL exclusions have been documented with, and approved by the ISSO/ISSM/DAA.
V-42573 Medium McAfee VirusScan Access Protection Properties must be configured to enable access protection.
V-42574 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to detect unwanted programs.
V-42575 Medium McAfee VirusScan On-Access Scanner All Processes settings actions, When an unwanted program is found must be configured to clean files automatically as first action.
V-42576 Medium McAfee VirusScan On-Access Scanner All Processes settings actions, When an unwanted program is found must be configured to delete files automatically if first action fails.
V-14627 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to find unknown macro viruses.
V-14626 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to find unknown unwanted programs and trojans.
V-14625 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to scan all files.
V-14624 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to scan when reading from disk.
V-14623 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to scan when writing to disk.
V-14622 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to use only one scanning policy for all processes, unless the use of Low-Risk Processes/High-Risk Processes has been documented with, and approved by, the IAO/IAM.
V-14621 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to block the connection when a file with a potentially unwanted program is detected in a shared folder.
V-14620 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to unblock connections after a minimum of 30 minutes.
V-14628 Medium McAfee VirusScan On-Access Scanner All Processes settings must be configured to scan inside archive files.
V-42558 Medium McAfee VirusScan Access Protection Rules Common Maximum Protection must be set to detect and log the launching of files from the Downloaded Programs Files folder.
V-42559 Medium McAfee VirusScan Access Protection Rules Anti-Spyware Maximum Protection must be set to block and log execution of scripts from the Temp folder.
V-42552 Medium McAfee VirusScan Access Protection Rules Common Standard Protection must be set to prevent modification of McAfee files and settings.
V-42553 Medium McAfee VirusScan Access Protection Rules Common Standard Protection must be set to prevent modification of McAfee Common Management Agent files and settings.
V-42550 Medium McAfee VirusScan Access Protection Reports settings must be configured to record scanning activity in a log file.
V-42551 Medium McAfee VirusScan Access Protection Reports log file size must be restricted and be configured to at least 10MB.
V-42556 Medium McAfee VirusScan Access Protection Rules Common Standard Protection must be set to block and report when common programs are run from the Temp folder.
V-42557 Medium McAfee VirusScan Access Protection Rules Common Standard Protection must be set to prevent hooking of McAfee processes.
V-42554 Medium McAfee VirusScan Access Protection Rules Common Standard Protection must be set to prevent modification of McAfee Scan Engine files and settings.
V-42555 Medium McAfee VirusScan Access Protection Rules Common Standard Protection must be set to prevent termination of McAfee processes.
V-59365 Medium McAfee VirusScan Access Protection Rules Common Standard Protection must be set to block and report when common all programs are run from the Temp folder.
V-14652 Medium McAfee VirusScan On Delivery Email Scanner Properties must be configured to clean attachments as the first action for When an unwanted program is found.
V-14657 Medium McAfee VirusScan Buffer Overflow Protection Buffer Overflow Settings must be configured to enable Buffer Overflow Protection.
V-14654 Medium McAfee VirusScan On-Demand scan must be configured to detect for unwanted programs.
V-14658 Medium McAfee VirusScan Buffer Overflow Protection Buffer Overflow Settings must be configured for Protection mode.
V-14659 Medium McAfee VirusScan Buffer Overflow Protection Buffer Overflow Settings must be configured to display a dialog box when a buffer overflow is detected.
V-14630 Medium McAfee VirusScan On-Access Scanner All Processes settings actions, When a threat is found must be configured to clean files automatically as first action.
V-14631 Medium McAfee VirusScan On-Access Scanner All Processes settings actions, When a threat is found must be configured to delete files automatically if first action fails.
V-6478 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to log the session summary.
V-6474 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to log the scan sessions.
V-6475 Medium McAfee VirusScan On-Access Scanner General Settings log file size must be restricted and be configured to at least 10MB.
V-6470 Medium McAfee VirusScan On-Access Scanner General Settings must be configured to prevent users from removing messages from the list.