An error occurred:

Check: 5.007

Windows 2003 MS STIG: 5.007 (in version v6 r37)

Title

An approved, up-to-date, DOD antivirus program must be installed and used. (Cat I impact)

Discussion

Antivirus programs are a primary line of defense against the introduction of viruses and malicious code that can destroy data and even render a computer inoperable. Utilizing an antivirus program provides the ability to detect malicious code before extensive damage occurs. Updated virus scan data files help to protect a system, since new malware are identified by the software vendors on a continual basis.

Check Content

V-19910 has been added as part of the McAfee and Symantec antivirus STIGs for signature files. If the system uses one of these programs, address them with that requirement and mark this one as N/A. If none of the following products are installed and supported at an appropriate maintenance level, this is a finding: Symantec Antivirus at the following level is not installed: Corporate Edition Version 9.0.6 or higher Corporate Edition Version 10.x or higher Endpoint Protection Version 11.0 or higher McAfee’s Antivirus Version 8.0 or higher is not installed. And The antivirus signature file is out of date. If the antivirus program signature file has not been dated within the past 7 days, this is a finding. Note: The version numbers and the date of the signature file can generally be checked by starting the antivirus program from the toolbar icon or from the Start menu. The information may appear in the antivirus window or be available in the Help > About window. The location varies from product to product. Note: E-mail versions of antivirus software are not acceptable as protection for Windows operating systems. However, both the e-mail antivirus software and the operating system antivirus software can coexist and run on the same system. Documentable Explanation: If another recognized antivirus product is installed and has a current signature file, this would still be a finding, but the severity code can be reduced to a Category III.

Fix Text

Configure the system with supported, DoD-approved antivirus software. Ensure the signature file is current.

Additional Identifiers

Rule ID: SV-29468r2_rule

Vulnerability ID: V-1074

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000366

Implement the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-6

Configuration Settings