STIGQter STIGQter: STIG Summary: McAfee VirusScan 8.8 Local Client STIG Version: 5 Release: 16 Benchmark Date: 27 Jul 2018: The antivirus signature file age must not exceed 7 days.

DISA Rule

SV-56366r2_rule

Vulnerability Number

V-19910

Group Title

DTAG008 - The antivirus signature file age exceeds 7 days.

Rule Version

DTAG008

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console.

Under the Task column, select the AutoUpdate option, right-click, and select "Start".

Check Contents

Access the local VirusScan console by clicking Start >> All Programs >> McAfee >> VirusScan Console.

Click Help >> About VirusScan Enterprise.

The “About” dialog box will be displayed, showing, among other information, the current DAT version installed and the date of that DAT version.
Guidance in DTAM016 requires updates be run daily, automatically or manually. If compliant, the DAT date will be within 24-48 hours old. Since automated update tasks’ success is not guaranteed, the expectation is for update task success to be frequently monitored and corrected when unsuccessful. To allow for that correction, the minimum acceptable threshold for DAT date is not to exceed 7 days.

If the DAT date displayed is more than “7” days old, this is a finding.

If the vendor or trusted site's files match the date of the signature files on the machine, this is not a finding.

Vulnerability Number

V-19910

Documentable

False

Rule Version

DTAG008

Severity Override Guidance

Access the local VirusScan console by clicking Start >> All Programs >> McAfee >> VirusScan Console.

Click Help >> About VirusScan Enterprise.

The “About” dialog box will be displayed, showing, among other information, the current DAT version installed and the date of that DAT version.
Guidance in DTAM016 requires updates be run daily, automatically or manually. If compliant, the DAT date will be within 24-48 hours old. Since automated update tasks’ success is not guaranteed, the expectation is for update task success to be frequently monitored and corrected when unsuccessful. To allow for that correction, the minimum acceptable threshold for DAT date is not to exceed 7 days.

If the DAT date displayed is more than “7” days old, this is a finding.

If the vendor or trusted site's files match the date of the signature files on the machine, this is not a finding.

Check Content Reference

M

Responsibility

System Administrator

Target Key

605

Comments