DTAM149 - McAfee VirusScan Access Protection Rules Anti-Virus Standard Protection must be set to prevent remote creation of autorun files.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

Autorun files are used to automatically launch program files, typically setup files from CDs. Preventing other computers from making a connection and creating or altering autorun.inf files can prevent spyware and adware from being executed. There are many spyware and virus programs distributed on CDs.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console.
Under the Task column, select Access Protection, right-click, and select Properties.

Under the Access Protection tab, locate the 'Access protection rules:' label. In the 'Categories' box, select 'Anti-Virus Standard Protection'.
Select 'Prevent remote creation of autorun files' (Block and Report) options.

Click OK to save.

See Also

https://iasecontent.disa.mil/stigs/zip/U_McAfee_VirusScan88_Local_Client_V5R16_STIG.zip

Item Details

References: CAT|II, CCI|CCI-001242, Rule-ID|SV-55288r2_rule, STIG-ID|DTAM149, Vuln-ID|V-42560

Plugin: Windows

Control ID: d26f225ceb4339d70ace555596251ada9144b92267ae4d478c908a669213e086