UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

An approved DoD virus scan program must be used and kept updated.


Overview

Finding ID Version Rule ID IA Controls Severity
V-1074 WN08-GE-000002 SV-48017r1_rule ECVP-1 High
Description
Virus scan programs are a primary line of defense against the introduction of viruses and malicious code that can destroy data and even render a computer inoperable. Utilizing the most current virus scan program provides the ability to detect this malicious code before extensive damage occurs. Updated virus scan data files help protect a system, as new malware is identified by the software vendors on a regular basis.
STIG Date
Windows 8 Security Technical Implementation Guide 2013-07-03

Details

Check Text ( C-44755r2_chk )
If one of the following products is not installed and supported at an appropriate maintenance level, this is a finding:

McAfee VirusScan Enterprise Version 8.8 Patch 3 or later
Symantec Endpoint Protection (SEP) 12.1 Release Update 2 or later

If the antivirus program signature file is not dated within the past 7 days, this is a finding.

The version numbers and the date of the signature file can generally be checked by starting the antivirus program from the toolbar icon or from the Start menu. The information may appear in the antivirus window or be available in the Help > About window. The location varies from product to product.

Email versions of antivirus software are not acceptable as protection for Windows operating systems. However, both the email antivirus software and the operating system antivirus software can coexist and run on the same system.

If another recognized antivirus product is installed and has a current signature file, this would still be a finding; however, the severity code may be reduced to a Category III.
Fix Text (F-41155r1_fix)
Configure the system with supported, DoD-approved virus scanning software. Ensure the signature file is current.