STIGQter: STIG Summary: McAfee VirusScan 8.8 Local Client STIG Version: 5 Release: 16 Benchmark Date: 27 Jul 2018:

McAfee VirusScan Access Protection Rules Common Maximum Protection must be set to detect and log the launching of files from the Downloaded Programs Files folder.

DISA Rule

SV-55286r2_rule

Vulnerability Number

V-42558

Group Title

DTAM147-Access Protection detect and log launching of downloaded programs

Rule Version

DTAM147

Severity

CAT II

CCI(s)

• CCI-001169 - The information system prevents the download of organization-defined unacceptable mobile code.

Weight

10

Fix Recommendation

Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console.
Under the Task column, select Access Protection, right-click, and select Properties.

Under the Access Protection tab, locate the "Access protection rules:" label. In the "Categories" box, select "Common Maximum Protection". Select the "Prevent launching of files from the Downloaded Program Files folder" (Report) option.

Click OK to Save.

Check Contents

Note: If the HIPS signature 3910 is enabled to provide this same protection, this check is not applicable.

Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console.
Under the Task column, select Access Protection, right-click, and select Properties.

Under the Access Protection tab, locate the "Access protection rules:" label. In the "Categories" box, select "Common Maximum Protection". Ensure the "Prevent launching of files from the Downloaded Program Files folder" (Report) option is selected.

Criteria: If the "Prevent launching of files from the Downloaded Program Files folder" (Report) option is selected, this is not a finding.

Vulnerability Number

V-42558

Documentable

False

Rule Version

DTAM147

Severity Override Guidance

Note: If the HIPS signature 3910 is enabled to provide this same protection, this check is not applicable.

Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console.
Under the Task column, select Access Protection, right-click, and select Properties.

Under the Access Protection tab, locate the "Access protection rules:" label. In the "Categories" box, select "Common Maximum Protection". Ensure the "Prevent launching of files from the Downloaded Program Files folder" (Report) option is selected.

Criteria: If the "Prevent launching of files from the Downloaded Program Files folder" (Report) option is selected, this is not a finding.

Check Content Reference

M

Target Key

605

Comments