Check: DTAM136
McAfee VirusScan 8.8 Local Client STIG:
DTAM136
(in versions v6 r1 through v5 r12)
Title
McAfee VirusScan Unwanted Programs Policy must be configured to detect adware. (Cat II impact)
Discussion
Adware, like spyware, is, at best, an annoyance by presenting unwanted advertisements to the user of a computer, sometimes in the form of a popup. At worst, it redirects the user to malicious websites. Detecting and blocking will mitigate the likelihood of users being tricked into visiting sites with malicious content.
Check Content
Access the local VirusScan console by clicking on Start->All Programs->McAfee->VirusScan Console. Under the Task column, find the Unwanted Programs Policy, right-click, and choose Properties. In the Scan Items tab, ensure the Adware option is selected. If the Adware option is not selected, this is a finding. If the Adware option is selected, this is not a finding. On the client machine, use the Windows Registry Editor to navigate to the following key: HKLM\Software\McAfee\ (32-bit) HKLM\Software\Wow6432Node\McAfee\ (64-bit) SystemCore\VSCore\NVP Criteria: If the value DetectAdware is 1, this is not a finding.
Fix Text
Access the local VirusScan console by clicking on Start->All Programs->McAfee->VirusScan Console. Under the Task column, find the Unwanted Programs Policy, right-click, and choose Properties. In the Scan Items tab, select the Adware option. Click OK to Save.
Additional Identifiers
Rule ID: SV-243410r722569_rule
Vulnerability ID: V-243410
Group Title: SRG-APP-000279
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001243 |
The organization configures malicious code protection mechanisms to perform organization-defined action(s) in response to malicious code detection. |
Controls
Number | Title |
---|---|
SI-3 |
Malicious Code Protection |