WNDF-AV-000029 - Microsoft Defender AV virus definition age must not exceed 7 days.

Information

This policy setting allows defining the number of days that must pass before virus definitions are considered out of date. If definitions are determined to be out of date, this state may trigger several additional actions, including falling back to an alternative update source or displaying a warning icon in the user interface. By default, this value is set to 14 days.

If this setting is enabled, virus definitions will be considered out of date after the number of days specified have passed without an update. If this setting is disabled or not configured, virus definitions will be considered out of date after the default number of days have passed without an update.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Set the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Microsoft Defender Antivirus >> Signature Updates >> 'Define the number of days before virus definitions are considered out of date' to 'Enabled' and select '7' or less in the drop-down box.

Do not select a value of 0. This disables the option.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Defender_Antivirus_V2R4_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-3b., CAT|I, CCI|CCI-001240, Rule-ID|SV-213453r823075_rule, STIG-ID|WNDF-AV-000029, STIG-Legacy|SV-89923, STIG-Legacy|V-75243, Vuln-ID|V-213453

Plugin: Windows

Control ID: c18c01bcff74fc8b303dd8bf376f4eb04cb92e0ade24f71eb21068d78023b7b2