CCE-97699-3| Platform: cpe:/o:microsoft:windows_server_2022:::x64 | Date: (C)2022-06-07 (M)2023-07-04 |
This policy setting allows you to configure scans for malicious software and unwanted software in archive files such as .ZIP or .CAB files.
If you enable or do not configure this setting, archive files will be scanned.
If you disable this setting, archive files will not be scanned.
Countermeasure:
Configure this setting depending on your organization's requirements.
Potential Impact:
Scanning can impact performance.
Parameter:
[enabled/disabled]
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Defender\Scan\Scan archive files
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Scan!DisableArchiveScanning
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 7.0 | Attack Vector: LOCAL |
| Exploit Score: 1.0 | Attack Complexity: HIGH |
| Impact Score: 5.9 | Privileges Required: LOW |
| Severity: HIGH | User Interaction: NONE |
| Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:80957 |
