STIGQter: STIG Summary: McAfee VirusScan 8.8 Local Client STIG Version: 5 Release: 16 Benchmark Date: 27 Jul 2018:

McAfee VirusScan On-Access Scanner General Settings must be configured to scan boot sectors.

DISA Rule

SV-56367r1_rule

Vulnerability Number

V-6467

Group Title

DTAM002-McAfee VirusScan on access scan boot sectors

Rule Version

DTAM002

Severity

CAT II

CCI(s)

CCI-001242 - The organization configures malicious code protection mechanisms to perform real-time scans of files from external sources at endpoints as the files are downloaded, opened, or executed in accordance with organizational security policy.

Weight

Fix Recommendation

Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console.
On the menu bar, click Task->On-Access Scanner Properties.
Select the General Settings.

Under the General tab, locate the "Scan:" label. Select the "Boot Sectors" option.

Click OK to Save.

Check Contents

Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console.
On the menu bar, click Task->On-Access Scanner Properties
Select the General Settings.

Under the General tab, locate the "Scan:" label. Ensure the "Boot Sectors" option is selected.

Criteria: If the "Boot Sectors" option is selected, this is not a finding.

On the client machine, use the Windows Registry Editor to navigate to the following key:
HKLM\Software\McAfee\ (32-bit)
HKLM\Software\Wow6432Node\McAfee\ (64-bit)
\SystemCore\VSCore\On Access Scanner\McShield\Configuration

Criteria: If the value of bDontScanBootSectors is 0, this is not a finding. If the value is 1, this is a finding.

McAfee VirusScan On-Access Scanner General Settings must be configured to scan boot sectors.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments