UCF STIG Viewer Logo

The McAfee MOVE AV SVM Settings policy must be configured to scan for potentially unwanted programs.


Overview

Finding ID Version Rule ID IA Controls Severity
V-78571 MV45-SVM-000005 SV-93277r1_rule Medium
Description
Due to the ability of malware to mutate after infection, standard anti-virus signatures may not be able to catch new strains or variants of the malware. Typically, these strains and variants will share unique characteristics with others in their virus family. By using a generic signature to detect the shared characteristics, using wildcards where differences lie, the generic signature can detect viruses even if they are padded with extra, meaningless code. This method of detection is heuristic detection.
STIG Date
McAfee MOVE AV Multi-Platform 4.5 Security Technical Implementation Guide 2018-07-09

Details

Check Text ( C-78141r1_chk )
Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list.

From the Category list, select "SVM Settings".

Select each configured SVM Settings policy.

Click "Show Advanced".

Under "Scanning Options", verify the "Enable scanning for potentially unwanted programs" check box is selected.

If the check box for "Enable scanning for potentially unwanted programs" is not selected, this is a finding.
Fix Text (F-85307r1_fix)
Access the McAfee ePO console.

Select Menu >> Policy >> Policy Catalog and then select "MOVE AntiVirus 4.5.0" from the Product list.

From the Category list, select "SVM Settings".

Select each configured SVM Settings policy.

Click "Show Advanced".

Under "Scanning Options", select the "Enable scanning for potentially unwanted programs" check box.

Click "Save".