Check: DTAG008
McAfee VirusScan Managed Client:
DTAG008
(in version v4 r10)
Title
The antivirus signature file age exceeds 7 days. (Cat I impact)
Discussion
Antivirus signature files are updated almost daily by antivirus software vendors. These files are made available to antivirus clients as they are published. Keeping virus signature files as current as possible is vital to the security of any system. Note: If the vendor or trusted site’s files match the date of the signature files on the machine, this is not a finding.
Check Content
On client machine locate McAfee icon in system tray. Right click to open and choose VirusScan Console. Select Help then choose About VirusScan Enterprise. Displayed will be a date for "DAT Created On:. Criteria: If the "DAT Created On:" date is older than 7 calendar days from the current date, this is a finding. Note: If the vendor or trusted site’s files are also older than 7 days and match the date of the signature files on the machine, this is not a finding.
Fix Text
Update client machines via ePo. If this fails to update the client, update antivirus signature file as your local process describes e.g autoupdate or runtime executable.
Additional Identifiers
Rule ID:
Vulnerability ID: V-19910
Group Title:
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-001240 |
The organization updates malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures. |
Controls
| Number | Title |
|---|---|
| SI-3 |
Malicious Code Protection |