WNDF-AV-000001 - Windows Defender AV must be configured to block the Potentially Unwanted Application (PUA) feature - PUA feature.

Gavin M. Dennis

22 April 2022 04:24

Details

After enabling this feature, PUA protection blocking takes effect on endpoint clients after the next signature update or computer restart. Signature updates take place daily under typical circumstances. PUA will be blocked and automatically quarantined.

Solution

Set the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Defender Antivirus >> 'Configure Detection for Potentially Unwanted Applications' to 'Enabled' and 'Block'.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_Defender_Antivirus_V2R3_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Windows.

References

800-53|SI-3c.2.
CAT|I
CCI|CCI-001243
Rule-ID|SV-213426r569189_rule
STIG-ID|WNDF-AV-000001
STIG-Legacy|SV-89827
STIG-Legacy|V-75147
Vuln-ID|V-213426

Source

Tenable.com/audits

PS. Before you go.

Request a quote to protect your organisation from cyber attacks and breaches.

Was this article helpful?

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.

Articles in this section