WNDF-AV-000008 – Windows Defender AV must be configured to disable local setting override for reporting to Microsoft MAPS.

Details

This policy setting configures a local override for the configuration to join Microsoft MAPS. This setting can only be set by Group Policy. If you enable this setting the local preference setting will take priority over Group Policy. If you disable or do not configure this setting Group Policy will take priority over the local preference setting.

Solution

This is applicable to unclassified systems, for other systems this is NA.

Set the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Windows Defender Antivirus -> MAPS -> ‘Configure local setting override for reporting to Microsoft MAPS’ to ‘Disabled’ or ‘Not Configured’.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_Defender_Antivirus_V2R3_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.

References

800-53|SC-18(4)
CAT|II
CCI|CCI-001170
Rule-ID|SV-213432r569189_rule
STIG-ID|WNDF-AV-000008
STIG-Legacy|SV-89841
STIG-Legacy|V-75161
Vuln-ID|V-213432

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles