Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-6585 | DTAM016 | SV-56375r1_rule | ECVP-1 | Medium |
Description |
---|
Antivirus signature files are updated almost daily by antivirus software vendors. These files are made available to antivirus clients as they are published. Keeping virus signature files as current as possible is vital to the security of any system. The antivirus software product must be configured to receive those updates automatically in order to afford the expected protection. |
STIG | Date |
---|---|
McAfee VirusScan 8.8 Local Client STIG | 2015-12-29 |
Check Text ( C-49301r2_chk ) |
---|
Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console. Under the Task column, find the AutoUpdate option, right-click, and choose Properties. Click the Schedule button. On the Task tab, the selection for "Enable (scheduled task runs at specified time)" must be selected. On the Schedule tab, the "Run task:" option must be configured with Daily, Weekly, At Startup, At Logon, or When Idle. Alternative Registry method: Use the Windows Registry Editor to navigate to the following key: HKLM\Software\McAfee for 32-bit systems HKLM\Software\Wow6432Node\McAfee for 64-bit systems \DesktopProtection\Tasks\{A14CD6FC-3BA8-4703-87BF-e3247CE382F5} Criteria: If bSchedEnabled=1 (indicates Scheduling is enabled) and eScheduleType=any of the below values, this is not a finding. Acceptable eSchedule Type values: 0 (indicates Daily), 1 (indicates Weekly), 4 (indicates at Startup), 5 (indicates at Logon), 6 (indicates When Idle). If bSchedEnabled=0 (indicates Scheduling is not enabled), this is a finding. If the AutoUpdate task schedule is not enabled, or is not configured to run at a frequency to ensure signature files are within 7 days old, this is a finding. If the AutoUpdate task schedule is enabled and configured to run at a frequency to ensure signature files are within 7 days old, this is not a finding. |
Fix Text (F-49058r1_fix) |
---|
Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console. Under the Task column, find the AutoUpdate option, right-click, and choose Properties. Click the Schedule button. On the Task tab, select "Enable (scheduled task runs at specified time)". On the Schedule tab, the "Run task:" option must be configured with Daily, Weekly, At Startup, At Logon, or When Idle. Click OK to save. |