Microsoft Windows Defender Antivirus STIG

Microsoft Windows Defender Antivirus Security Technical Implementation Guide

ID Vuln ID Title Cat Status
WNDF-AV-000014 V-213438 Windows Defender AV must be configured to not allow override of monitoring for incoming and outgoing file activity. Cat II
WNDF-AV-000023 V-213447 Windows Defender AV must be configured to process scanning when real-time protection is enabled. Cat II
WNDF-AV-000004 V-213428 Windows Defender AV must be configured to run and scan for malware and other potentially unwanted software. Cat I
WNDF-AV-000018 V-213442 Windows Defender AV must monitor for incoming and outgoing files. Cat II
WNDF-AV-000042 V-213466 Windows Defender AV must be configured for automatic remediation action to be taken for threat alert level Low. Cat II
WNDF-AV-000013 V-213437 Windows Defender AV must be configured to not allow local override of monitoring for file and program activity. Cat II
WNDF-AV-000026 V-213450 Windows Defender AV must be configured to perform a weekly scheduled scan. Cat II
WNDF-AV-000033 V-213457 Windows Defender AV must be configured block Office applications from creating child processes. Cat II
WNDF-AV-000008 V-213432 Windows Defender AV must be configured to disable local setting override for reporting to Microsoft MAPS. Cat II
WNDF-AV-000019 V-213443 Windows Defender AV must be configured to monitor for file and program activity. Cat II
WNDF-AV-000009 V-213433 Windows Defender AV must be configured to check in real time with MAPS before content is run or accessed. Cat II
WNDF-AV-000036 V-213460 Windows Defender AV must be configured to impede JavaScript and VBScript to launch executables. Cat II
WNDF-AV-000020 V-213444 Windows Defender AV must be configured to scan all downloaded files and attachments. Cat II
WNDF-AV-000037 V-213461 Windows Defender AV must be configured to block execution of potentially obfuscated scripts. Cat II
WNDF-AV-000041 V-213465 Windows Defender AV must be configured for automatic remediation action to be taken for threat alert level Medium. Cat II

Print

Display this benchmark in a printer-friendly format for off-line reference. This display does not include any commands.
Print

Version Changes

If there are multiple versions of this benchmark, Xylok can display the differences between any changes in the checks.
Changes