STIGQter STIGQter: STIG Summary: McAfee VirusScan 8.8 Local Client STIG Version: 5 Release: 16 Benchmark Date: 27 Jul 2018: McAfee VirusScan Unwanted Programs Policy must be configured to detect spyware.

DISA Rule

SV-56415r1_rule

Vulnerability Number

V-14662

Group Title

DTAM135-McAfee VirusScan detection of Spyware

Rule Version

DTAM135

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Access the local VirusScan console by clicking on Start->All Programs->McAfee->VirusScan Console.

Under the Task column, find the Unwanted Programs Policy, right-click, and choose Properties.
In the Scan Items tab, select the Spyware option.

Click OK to save.

Check Contents

Access the local VirusScan console by clicking on Start->All Programs->McAfee->VirusScan Console.

Under the Task column, find the Unwanted Programs Policy, right-click, and choose Properties.
In the Scan Items tab, ensure the Spyware option is selected.

If the Spyware option is not selected, this is a finding.
If the Spyware option is selected, this is not a finding.

On the client machine, use the Windows Registry Editor to navigate to the following key:
HKLM\Software\McAfee\ (32-bit)
HKLM\Software\Wow6432Node\McAfee\ (64-bit)
SystemCore\VSCore\NVP

Criteria: If the value DetectSpyware is 1, this is not a finding.

Vulnerability Number

V-14662

Documentable

False

Rule Version

DTAM135

Severity Override Guidance

Access the local VirusScan console by clicking on Start->All Programs->McAfee->VirusScan Console.

Under the Task column, find the Unwanted Programs Policy, right-click, and choose Properties.
In the Scan Items tab, ensure the Spyware option is selected.

If the Spyware option is not selected, this is a finding.
If the Spyware option is selected, this is not a finding.

On the client machine, use the Windows Registry Editor to navigate to the following key:
HKLM\Software\McAfee\ (32-bit)
HKLM\Software\Wow6432Node\McAfee\ (64-bit)
SystemCore\VSCore\NVP

Criteria: If the value DetectSpyware is 1, this is not a finding.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

605

Comments