Check: WN22-00-000110
Microsoft Windows Server 2022 STIG:
WN22-00-000110
(in versions v1 r5 through v1 r1)
Title
Windows Server 2022 must use an antivirus program. (Cat II impact)
Discussion
Malicious software can establish a base on individual desktops and servers. Employing an automated mechanism to detect this type of software will aid in elimination of the software from the operating system.
Check Content
Verify an antivirus solution is installed on the system. The antivirus solution may be bundled with an approved host-based security solution. If there is no antivirus solution installed on the system, this is a finding. Verify if Microsoft Defender antivirus is in use or enabled: Open "PowerShell". Enter "get-service | where {$_.DisplayName -Like "*Defender*"} | Select Status,DisplayName" Verify if third-party antivirus is in use or enabled: Open "PowerShell". Enter "get-service | where {$_.DisplayName -Like "*mcafee*"} | Select Status,DisplayName Enter "get-service | where {$_.DisplayName -Like "*symantec*"} | Select Status,DisplayName
Fix Text
If no antivirus software is in use, install Microsoft Defender or third-party antivirus. Open "PowerShell". Enter "Install-WindowsFeature -Name Windows-Defender". For third-party antivirus, install per antivirus instructions and disable Windows Defender. Open "PowerShell". Enter "Uninstall-WindowsFeature -Name Windows-Defender".
Additional Identifiers
Rule ID: SV-254248r848560_rule
Vulnerability ID: V-254248
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |