Details

Multipurpose Internet Mail Extensions (MIME) encoded files can be crafted to hide a malicious payload. When the MIME encoded file is presented to software that decodes the MIME encoded files, such as an email client, the malware is released. Scanning these files as part of the regularly scheduled scans tasks will mitigate this risk.

Solution

Access the local VirusScan console by clicking Start->All Programs->McAfee->VirusScan Console.
In the console window, under Task, with the assistance of the System Administrator, identify the weekly on-demand client scan task.
Right-click the Task and select Properties.

Under the Scan Items tab, locate the ‘Options:’ label. Select the ‘Decode MIME encoded files’ option.

Click OK to Save.

Supportive Information

The following resource is also helpful.

• https://iasecontent.disa.mil/stigs/zip/U_McAfee_VirusScan88_Local_Client_V5R16_STIG.ziphttps://iasecontent.disa.mil/stigs/zip/U_McAfee_VirusScan88_Local_Client_V5R16_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Windows.

References

• 800-53|SI-3c.1.
• CAT|II
• CCI|CCI-001241
• Rule-ID|SV-56404r1_rule
• STIG-ID|DTAM053
• Vuln-ID|V-6612

Source

• Tenable.com/audits