CCE-96762-0| Platform: cpe:/o:microsoft:windows_11 | Date: (C)2022-05-07 (M)2023-07-04 |
This policy setting allows you to configure scheduled scans to start only when your computer is on but not in use.
If you enable or do not configure this setting, scheduled scans will only run when the computer is on but not in use.
If you disable this setting, scheduled scans will run at the scheduled time.
Countermeasure:
Configure this setting depending on your organization's requirements.
Potential Impact:
Scanning can impact performance.
Parameter:
[enabled/disabled]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Defender\Scan\Start the scheduled scan only when computer is on but not in use
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Scan!ScanOnlyIfIdle
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 7.0 | Attack Vector: LOCAL |
| Exploit Score: 1.0 | Attack Complexity: HIGH |
| Impact Score: 5.9 | Privileges Required: LOW |
| Severity: HIGH | User Interaction: NONE |
| Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:79559 |
