The Windows 10 system must use an anti-virus program.

STIG ID: WN10-00-000045  |  SRG: SRG-OS-000480-GPOS-00227 | Severity: high |  CCI: CCI-000366

Vulnerability Discussion

Malicious software can establish a base on individual desktops and servers. Employing an automated mechanism to detect this type of software will aid in elimination of the software from the operating system.

Check

Verify an anti-virus solution is installed on the system and in use. The anti-virus solution may be bundled with an approved Endpoint Security Solution.

Verify if Windows Defender is in use or enabled:

Open "PowerShell".

Enter “get-service | where {$_.DisplayName -Like "*Defender*"} | Select Status,DisplayName”

Verify third-party antivirus is in use or enabled:

Open "PowerShell".

Enter “get-service | where {$_.DisplayName -Like "*mcafee*"} | Select Status,DisplayName”

Enter “get-service | where {$_.DisplayName -Like "*symantec*"} | Select Status,DisplayName”

If there is no anti-virus solution installed on the system, this is a finding.

Fix

If no anti-virus software is on the system and in use, install Windows Defender or a third-party anti-virus solution.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.