Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
McAfee VirusScan Access Protection Rules Anti-Spyware Maximum Protection must be set to block and log execution of scripts from the Temp folder.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-42559 | DTAM148 | SV-55287r4_rule | Medium |
| Description |
|---|
| This rule prevents the Windows scripting host from running VBScript and JavaScript scripts from the Temp directory. This would protect against a large number of trojans and questionable web installation mechanisms that are used by many adware and spyware applications. |
| STIG | Date |
|---|---|
| McAfee VirusScan 8.8 Local Client STIG | 2015-03-30 |
Details
| Check Text ( C-49359r5_chk ) |
|---|
| Note: If the HIPS signature 3893 is enabled to provide this same protection, this check is Not Applicable. Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console. Under the Task column, select Access Protection, right-click, and select Properties. Under the Access Protection tab, locate the "Access protection rules:" label. In the "Categories" box, select "Anti-Spyware Maximum Protection". Ensure the "Prevent execution of scripts from the Temp folder" (Block and Report) option is selected. Criteria: If the "Prevent execution of scripts from the Temp folder" (Block and Report) option is not selected, this is not a finding. |
| Fix Text (F-48141r3_fix) |
|---|
| Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console. Under the Task column, select Access Protection, right-click, and select Properties. Under the Access Protection tab, locate the "Access protection rules:" label. In the "Categories" box, select "Anti-Spyware Maximum Protection". Select the "Prevent execution of scripts from the Temp folder" (Block and Report) option. Click OK to save. |