UCF STIG Viewer Logo

The system must notify antivirus when file attachments are opened.


Overview

Finding ID Version Rule ID IA Controls Severity
V-14270 WN08-UC-000011 SV-48218r1_rule ECVP-1 Medium
Description
Attaching malicious files is a known avenue of attack. This setting configures the system to notify antivirus programs when a user opens a file attachment.
STIG Date
Windows 8 Security Technical Implementation Guide 2014-01-07

Details

Check Text ( C-44897r1_chk )
If the following registry value does not exist or is not configured as specified, this is a finding:

Registry Hive: HKEY_CURRENT_USER
Subkey: \Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\

Value Name: ScanWithAntiVirus

Type: REG_DWORD
Value: 3
Fix Text (F-41354r1_fix)
Configure the policy value for User Configuration -> Administrative Templates -> Windows Components -> Attachment Manager -> "Notify antivirus programs when opening attachments" to "Enabled".