The Windows 11 system must use an antivirus program.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-253264 | WN11-00-000045 | SV-253264r1186372_rule | CCI-000366 | high |
| Description | ||||
| Malicious software can establish a base on individual desktops and servers. Employing an automated mechanism to detect this type of software will aid in elimination of the software from the operating system. | ||||
| STIG | Date | |||
| Microsoft Windows 11 Security Technical Implementation Guide | 2026-02-12 | |||
Details
Check Text (C-253264r1186372_chk)
Verify an organizationally approved antivirus solution (Microsoft Defender Antivirus, for example) is installed on the system and in use.
Verify if Microsoft Defender Antivirus is in use or enabled:
Open PowerShell.
Enter "get-service | where {$_.DisplayName -Like "*Defender*"} | Select Status,DisplayName"
Verify third-party antivirus is in use or enabled:
Open PowerShell.
Enter "get-service | where {$_.DisplayName -Like "*mcafee*"} | Select Status,DisplayName"
Enter "get-service | where {$_.DisplayName -Like "*symantec*"} | Select Status,DisplayName"
If there is no antivirus solution installed on the system, this is a finding.
Fix Text (F-56667r828875_fix)
Install Microsoft Defender Antivirus or a third-party antivirus solution.