Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-19910 | DTAG008 | SV-55133r1_rule | ECVP-1 | High |
Description |
---|
Antivirus signature files are updated almost daily by antivirus software vendors. These files are made available to antivirus clients as they are published. Keeping virus signature files as current as possible is vital to the security of any system. |
STIG | Date |
---|---|
McAfee VirusScan 8.8 Managed Client STIG | 2016-01-04 |
Check Text ( C-48771r7_chk ) |
---|
On the client machine, locate the McAfee icon in the system tray. Right-click to open and choose Manage Features, VirusScan Enterprise. If the VirusScan Enterprise is not available under the McAfee icon's Manage Features, access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console. Select Help, then choose About VirusScan Enterprise. Displayed will be a date for "DAT Created On:". Criteria: If the "DAT Created On:" date is older than 7 calendar days from the current date, this is a finding. From the ePO server console System Tree, select the Systems tab, select the asset to be checked and double-click to open its properties. Under the System Information, scroll down to the VirusScan Enterprise section and click on the More link at the top right hand portion of the VirusScan Enterprise section. Scroll down to the General section and confirm the DAT Date reflected is within the last 7 days. Criteria: If the DAT Date is older than 7 calendar days from the current date, this is a finding. Note: If the vendor or trusted site's files are also older than 7 days and match the date of the signature files on the machine, this is not a finding. |
Fix Text (F-47990r1_fix) |
---|
Update client machines via ePO client task. If this fails to update the client, update antivirus signature files as your local process describes (e.g., auto update or runtime executable.) |