Mcafee Policy Auditor Content Update V1183

2016-Apr-14

McAfee Policy Auditor Content Update Summary

Product / Version Content Version

McAfee Policy Auditor 6.x 1183

New Checks

Oval ID Title oval:com.mcafee.oval.common:def:2485596 Google Chrome Security Update 49.0.2623.108 for Windows oval:com.mcafee.oval.common:def:2485690 APSB16-10 Vulnerability Security Update 21.0.0.213 for Adobe Flash Player oval:com.mcafee.oval.common:def:2485692 APSB16-10 Vulnerability Security Update 18.0.0.343 for Adobe Flash Player oval:com.mcafee.oval.common:def:2485712 Google Chrome Security Update 49.0.2623.108 for Windows oval:com.mcafee.oval.gen:def:356458 MS16-050 Security Update for Adobe Flash Player for Windows Server 2012 R2 (KB3154132) oval:com.mcafee.oval.gen:def:356459 MS16-050 Security Update for Adobe Flash Player for Windows Server 2012 (KB3154132) oval:com.mcafee.oval.gen:def:356460 MS16-050 Security Update for Adobe Flash Player for Windows 8.1 for x64-based Systems (KB3154132) oval:com.mcafee.oval.gen:def:356461 MS16-050 Security Update for Adobe Flash Player for Windows 8.1 (KB3154132) oval:com.mcafee.oval.gen:def:356462 MS16-050 Security Update for Adobe Flash Player for Windows 10 (KB3154132) oval:com.mcafee.oval.gen:def:356463 MS16-050 Security Update for Adobe Flash Player for Windows 10 for x64-based Systems (KB3154132) oval:com.mcafee.oval.gen:def:356464 MS16-050 Security Update for Adobe Flash Player for Windows 10 Version 1511 (KB3154132) oval:com.mcafee.oval.gen:def:356465 MS16-050 Security Update for Adobe Flash Player for Windows 10 Version 1511 for x64-based Systems (KB3154132) oval:com.mcafee.oval.gen:def:356469 MS16-048 Security Update for Windows Server 2012 R2 (KB3146723) oval:com.mcafee.oval.gen:def:356470 MS16-048 Security Update for Windows 8.1 (KB3146723) oval:com.mcafee.oval.gen:def:356471 MS16-048 Security Update for Windows Server 2012 (KB3146723) oval:com.mcafee.oval.gen:def:356472 MS16-048 Security Update for Windows 8.1 for x64-based Systems (KB3146723) oval:com.mcafee.oval.gen:def:356476 MS16-047 Security Update for Windows 7 (KB3149090) oval:com.mcafee.oval.gen:def:356477 MS16-047 Security Update for Windows 7 for x64-based Systems (KB3149090) oval:com.mcafee.oval.gen:def:356478 MS16-047 Security Update for Windows Server 2012 R2 (KB3149090) oval:com.mcafee.oval.gen:def:356479 MS16-047 Security Update for Windows Embedded Standard 7 (KB3149090) oval:com.mcafee.oval.gen:def:356480 MS16-047 Security Update for Windows Server 2008 (KB3149090) Oval ID Title oval:com.mcafee.oval.gen:def:356481 MS16-047 Security Update for Windows Vista for x64-based Systems (KB3149090) oval:com.mcafee.oval.gen:def:356482 MS16-047 Security Update for Windows Server 2008 x64 Edition (KB3149090) oval:com.mcafee.oval.gen:def:356483 MS16-047 Security Update for Windows 8.1 (KB3149090) oval:com.mcafee.oval.gen:def:356484 MS16-047 Security Update for Windows 8.1 for x64-based Systems (KB3149090) oval:com.mcafee.oval.gen:def:356485 MS16-047 Security Update for Windows Server 2012 (KB3149090) oval:com.mcafee.oval.gen:def:356486 MS16-047 Security Update for Windows Server 2008 R2 x64 Edition (KB3149090) oval:com.mcafee.oval.gen:def:356487 MS16-047 Security Update for Windows Embedded Standard 7 for x64-based Systems (KB3149090) oval:com.mcafee.oval.gen:def:356488 MS16-047 Security Update for Windows Vista (KB3149090) oval:com.mcafee.oval.gen:def:356492 MS16-045 Security Update for Windows 8.1 for x64-based Systems (KB3135456) oval:com.mcafee.oval.gen:def:356493 MS16-045 Security Update for Windows Server 2012 R2 (KB3135456) oval:com.mcafee.oval.gen:def:356494 MS16-045 Security Update for Windows Server 2012 (KB3135456) oval:com.mcafee.oval.gen:def:356498 MS16-044 Security Update for Windows 8.1 for x64-based Systems (KB3146706) oval:com.mcafee.oval.gen:def:356499 MS16-044 Security Update for Windows Server 2012 R2 (KB3146706) oval:com.mcafee.oval.gen:def:356500 MS16-044 Security Update for Windows 7 (KB3146706) oval:com.mcafee.oval.gen:def:356501 MS16-044 Security Update for Windows 8.1 (KB3146706) oval:com.mcafee.oval.gen:def:356502 MS16-044 Security Update for Windows Embedded Standard 7 (KB3146706) oval:com.mcafee.oval.gen:def:356503 MS16-044 Security Update for Windows 7 for x64-based Systems (KB3146706) oval:com.mcafee.oval.gen:def:356504 MS16-044 Security Update for Windows Server 2012 (KB3146706) oval:com.mcafee.oval.gen:def:356505 MS16-044 Security Update for Windows Server 2008 R2 x64 Edition (KB3146706) oval:com.mcafee.oval.gen:def:356506 MS16-044 Security Update for Windows Embedded Standard 7 for x64-based Systems (KB3146706) oval:com.mcafee.oval.gen:def:356507 MS16-044 Security Update for Windows Vista for x64-based Systems (KB3146706) oval:com.mcafee.oval.gen:def:356508 MS16-044 Security Update for Windows Vista (KB3146706) oval:com.mcafee.oval.gen:def:356509 MS16-044 Security Update for Windows Server 2008 (KB3146706) oval:com.mcafee.oval.gen:def:356510 MS16-044 Security Update for Windows Server 2008 x64 Edition (KB3146706) oval:com.mcafee.oval.gen:def:356528 MS16-041 Security Update for Microsoft .NET Framework 4.6 on Windows 7, Windows Vista and Windows Server 2008 (KB3143693) oval:com.mcafee.oval.gen:def:356554 MS16-041 Security Update for Microsoft .NET Framework 4.6 on Windows 7, Windows Vista, Server 2008, Server 2008 R2 for x64 (KB3143693) oval:com.mcafee.oval.gen:def:356558 MS16-040 Security Update for Windows Embedded Standard 7 for x64-based Systems (KB3146963) oval:com.mcafee.oval.gen:def:356559 MS16-040 Security Update for Windows Server 2012 R2 (KB3146963) oval:com.mcafee.oval.gen:def:356560 MS16-040 Security Update for Windows Vista (KB3146963) oval:com.mcafee.oval.gen:def:356561 MS16-040 Security Update for Windows Server 2008 (KB3146963) Oval ID Title oval:com.mcafee.oval.gen:def:356562 MS16-040 Security Update for Windows Vista for x64-based Systems (KB3146963) oval:com.mcafee.oval.gen:def:356563 MS16-040 Security Update for Windows Server 2008 x64 Edition (KB3146963) oval:com.mcafee.oval.gen:def:356564 MS16-040 Security Update for Windows Embedded Standard 7 (KB3146963) oval:com.mcafee.oval.gen:def:356565 MS16-040 Security Update for Windows 8.1 (KB3146963) oval:com.mcafee.oval.gen:def:356566 MS16-040 Security Update for Windows 8.1 for x64-based Systems (KB3146963) oval:com.mcafee.oval.gen:def:356567 MS16-040 Security Update for Windows Server 2012 (KB3146963) oval:com.mcafee.oval.gen:def:356568 MS16-040 Security Update for Windows 7 (KB3146963) oval:com.mcafee.oval.gen:def:356569 MS16-040 Security Update for Windows 7 for x64-based Systems (KB3146963) oval:com.mcafee.oval.gen:def:356570 MS16-040 Security Update for Windows Server 2008 R2 x64 Edition (KB3146963) oval:com.mcafee.oval.gen:def:356574 MS16-039 Security Update for Windows 8.1 (KB3145739) oval:com.mcafee.oval.gen:def:356575 MS16-039 Security Update for Windows 8.1 for x64-based Systems (KB3145739) oval:com.mcafee.oval.gen:def:356576 MS16-039 Security Update for Windows Server 2012 (KB3145739) oval:com.mcafee.oval.gen:def:356577 MS16-039 Security Update for Windows 7 (KB3145739) oval:com.mcafee.oval.gen:def:356578 MS16-039 Security Update for Windows 7 for x64-based Systems (KB3145739) oval:com.mcafee.oval.gen:def:356579 MS16-039 Security Update for Windows Server 2012 R2 (KB3145739) oval:com.mcafee.oval.gen:def:356580 MS16-039 Security Update for Windows Server 2008 R2 x64 Edition (KB3145739) oval:com.mcafee.oval.gen:def:356581 MS16-039 Security Update for Windows Vista for x64-based Systems (KB3145739) oval:com.mcafee.oval.gen:def:356582 MS16-039 Security Update for Windows Server 2008 x64 Edition (KB3145739) oval:com.mcafee.oval.gen:def:356583 MS16-039 Security Update for Windows Vista (KB3145739) oval:com.mcafee.oval.gen:def:356584 MS16-039 Security Update for Windows Server 2008 (KB3145739) oval:com.mcafee.oval.gen:def:356585 MS16-039 Security Update for Windows Embedded Standard 7 (KB3145739) oval:com.mcafee.oval.gen:def:356586 MS16-039 Security Update for Windows Embedded Standard 7 for x64-based Systems (KB3145739) oval:com.mcafee.oval.gen:def:356590 MS16-039 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 (KB3142042) oval:com.mcafee.oval.gen:def:356591 MS16-039 Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64 (KB3142042) oval:com.mcafee.oval.gen:def:356595 MS16-039 Security Update for Microsoft .NET Framework 3.5 on Windows Server 2012 for x64 (KB3142043) oval:com.mcafee.oval.gen:def:356599 MS16-039 Security Update for Microsoft .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2 for x64 (KB3142045) oval:com.mcafee.oval.gen:def:356600 MS16-039 Security Update for Microsoft .NET Framework 3.5 on Windows 8.1 (KB3142045) oval:com.mcafee.oval.gen:def:356604 MS16-039 Security Update for Microsoft .NET Framework 3.0 SP2 on Windows Vista SP2 and Windows Server 2008 SP2 for x64 (KB3142041) oval:com.mcafee.oval.gen:def:356605 MS16-039 Security Update for Microsoft .NET Framework 3.0 SP2 on Windows Vista SP2 and Windows Server 2008 SP2 (KB3142041) Oval ID Title oval:com.mcafee.oval.gen:def:356609 MS16-037 Cumulative Security Update for Internet Explorer 10 for Windows Server 2012 (KB3148198) oval:com.mcafee.oval.gen:def:356610 MS16-037 Cumulative Security Update for Internet Explorer 11 for Windows Server 2012 R2 (KB3148198) oval:com.mcafee.oval.gen:def:356611 MS16-037 Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 x64 Edition (KB3148198) oval:com.mcafee.oval.gen:def:356612 MS16-037 Cumulative Security Update for Internet Explorer 9 for Windows Vista for x64-based Systems (KB3148198) oval:com.mcafee.oval.gen:def:356613 MS16-037 Cumulative Security Update for Internet Explorer 9 for Windows Vista (KB3148198) oval:com.mcafee.oval.gen:def:356614 MS16-037 Cumulative Security Update for Internet Explorer 9 for Windows Server 2008 (KB3148198) oval:com.mcafee.oval.gen:def:356615 MS16-037 Cumulative Security Update for Internet Explorer 11 for Windows 7 (KB3148198) oval:com.mcafee.oval.gen:def:356616 MS16-037 Cumulative Security Update for Internet Explorer 11 for Windows Embedded Standard 7 (KB3148198) oval:com.mcafee.oval.gen:def:356617 MS16-037 Cumulative Security Update for Internet Explorer 11 for Windows Embedded Standard 7 for x64-based Systems (KB3148198) oval:com.mcafee.oval.gen:def:356618 MS16-037 Cumulative Security Update for Internet Explorer 11 for Windows 7 for x64-based Systems (KB3148198) oval:com.mcafee.oval.gen:def:356619 MS16-037 Cumulative Security Update for Internet Explorer 11 for Windows Server 2008 R2 for x64-based Systems (KB3148198) oval:com.mcafee.oval.gen:def:356620 MS16-037 Cumulative Security Update for Internet Explorer 11 for Windows 8.1 for x64-based Systems (KB3148198) oval:com.mcafee.oval.gen:def:356621 MS16-037 Cumulative Security Update for Internet Explorer 11 for Windows 8.1 (KB3148198) oval:com.mcafee.oval.gen:def:356625 MS16-037 Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3147458) oval:com.mcafee.oval.gen:def:356626 MS16-037 Cumulative Update for Windows 10 Version 1511 (KB3147458) oval:com.mcafee.oval.gen:def:356630 MS16-037 Cumulative Update for Windows 10 for x64-based Systems (KB3147461) oval:com.mcafee.oval.gen:def:356631 MS16-037 Cumulative Update for Windows 10 (KB3147461) oval:com.mcafee.oval:def:2485596 Google Chrome Security Update 49.0.2623.108 for Windows oval:com.mcafee.oval:def:2485653 MS16-042 -Security Update for Microsoft Office Excel 2007 Service Pack 3 (KB3114892) oval:com.mcafee.oval:def:2485654 MS16-042 - Security Update for Microsoft Office Web Apps Server 2013 SP1 (KB3114934) oval:com.mcafee.oval:def:2485655 MS16-042 - Security Update for Microsoft Office Web Apps 2010 SP2 (KB3114994) oval:com.mcafee.oval:def:2485656 MS16-042 - Security Update for Microsoft Office Sharepoint Server 2013 SP1 Word Automation Services (KB3114927) oval:com.mcafee.oval:def:2485657 MS16-042 - Security Update for Microsoft Office Sharepoint Server 2010 SP2 Word Automation Services (KB3114988) Oval ID Title oval:com.mcafee.oval:def:2485658 MS16-042 - Security Update for Microsoft SharePoint Server 2010 SP2 Excel Services (KB31148711) oval:com.mcafee.oval:def:2485659 MS16-042 - Security Update for Microsoft Office SharePoint Server 2007 Service Pack 3 (KB3114897) oval:com.mcafee.oval:def:2485660 MS16-042 - Security Update for Microsoft Office Excel Viewer 2007 Service Pack 3 (KB3114898) oval:com.mcafee.oval:def:2485661 MS16-042 - Security Update for Microsoft Office Compatibility Pack SP3 (KB3114895) oval:com.mcafee.oval:def:2485662 MS16-042 - Security Update for Microsoft Office Compatibility Pack SP3 (KB3114982) oval:com.mcafee.oval:def:2485663 MS16-042 - Security Update for Microsoft Office Excel 2016 (KB3114964) oval:com.mcafee.oval:def:2485664 MS16-042 - Security Update for Microsoft Office Word 2013 SP1 (KB3114937) oval:com.mcafee.oval:def:2485665 MS16-042 - Security Update for Microsoft Office Excel 2013 SP1 (KB3114947) oval:com.mcafee.oval:def:2485666 MS16-042 - Security Update for Microsoft Office Word 2010 SP2 (KB3114993) oval:com.mcafee.oval:def:2485667 MS16-042 - Security Update for Microsoft Office Excel 2010 SP2 (KB3114888) oval:com.mcafee.oval:def:2485668 MS16-042 - Security Update for Microsoft Office Word 2007 SP3 (KB3114983) oval:com.mcafee.oval:def:2485669 MS16-042 - Security Update for Microsoft Office Word Viewer 2003 (KB3114987) oval:com.mcafee.oval:def:2485670 MS16-039 - Security Update for Microsoft Lync 2010 (KB3144427) oval:com.mcafee.oval:def:2485671 MS16-039 - Security Update for Microsoft Office Live Meeting 2007 Console (KB3144432) oval:com.mcafee.oval:def:2485672 MS15-128 - Security Update for Microsoft Office Live Meeting 2007 Console (KB3115875) oval:com.mcafee.oval:def:2485673 MS16-039 - Security Update for Microsoft Lync 2010 Attendee Admin Level Install (KB3144429) oval:com.mcafee.oval:def:2485674 MS16-039 - Security Update for Microsoft Lync 2010 Attendee User Level Install (KB3144428) oval:com.mcafee.oval:def:2485675 MS16-039 - Security Update for Microsoft Office 2007 SP3 (KB3114542) oval:com.mcafee.oval:def:2485676 MS16-039 - Security Update for Microsoft Lync 2013 Service Pack 1 (KB3114944) oval:com.mcafee.oval:def:2485677 MS16-039 - Security Update for Microsoft Skype for Business 2016 (KB3114960) oval:com.mcafee.oval:def:2485678 MS16-039 - Security Update for Microsoft Office Word Viewer 2003 (KB3114985) oval:com.mcafee.oval:def:2485679 MS16-039 - Security Update for Microsoft Office 2010 SP2 (KB3114566) oval:com.mcafee.oval:def:2485689 APSB16-10 Vulnerability Security Update 21.0.0.213 for Adobe Flash Player for Mac oval:com.mcafee.oval:def:2485690 Adobe Flash Player Security Update 21.0.0.213 for Vulnerability id APSB16-10 is installed or not oval:com.mcafee.oval:def:2485691 APSB16-10 Vulnerability Security Update 18.0.0.343 for Adobe Flash Player for Mac oval:com.mcafee.oval:def:2485692 Adobe Flash Player Security Update 18.0.0.343 for Vulnerability id APSB16-10 is installed or not oval:com.mcafee.oval:def:2485712 Google Chrome Security Update 49.0.2623.108 for Windows Oval ID Title oval:com.mcafee.oval:def:2488146 Test the configuration status of Mail Transfer Agent (MTA) for local-only mode oval:com.mcafee.oval:def:2488153 Configure Network Time Protocol (NTP) in /etc/ntp.conf oval:com.mcafee.oval:def:2488158 Set Boot Loader Password oval:com.mcafee.oval:def:2488163 Test if the system logon banner is set correctly - /etc/gdm3/greeter.dconf-defaults oval:com.mcafee.oval:def:2488168 Set default umask for users - /etc/bash.bashrc oval:com.mcafee.oval:def:2488169 Password history should be set to an appropriate value oval:com.mcafee.oval:def:2488170 Test If file exists - /var/log/localmessages oval:com.mcafee.oval:def:2488171 Test If file exists - /var/log/warn oval:com.mcafee.oval:def:2488172 Test If file exists - /var/log/news/news.notice oval:com.mcafee.oval:def:2488173 Test If file exists - /var/log/news/news.err oval:com.mcafee.oval:def:2488174 Test If file exists - /var/log/news/news.crit oval:com.mcafee.oval:def:2488175 Test If file exists - /var/log/mail.err oval:com.mcafee.oval:def:2488176 Test If file exists - /var/log/mail.warn oval:com.mcafee.oval:def:2488177 Test If file exists - /var/log/mail.info oval:com.mcafee.oval:def:2488178 Test If file exists - /var/log/mail oval:com.mcafee.oval:def:2488182 Enable Auditing for Processes That Start Prior to auditd in /boot/grub/grub.cfg oval:com.mcafee.oval:def:2488187 Test the enable or disable status for - net.ipv6.conf.lo.disable_ipv6 oval:com.mcafee.oval:def:2488192 Test the enable or disable status for - net.ipv6.conf.default.disable_ipv6 oval:com.mcafee.oval:def:2488199 Test the enable / disable status for - rsync oval:com.mcafee.oval:def:2488200 The specified package should not be installed. oval:com.mcafee.oval:def:2488204 Configuration - Activate AppArmor oval:com.mcafee.oval:def:2488208 The specified package should be installed. oval:com.mcafee.oval:def:2488215 Test the enable / disable status for -PRELINKING oval:com.mcafee.oval:def:2488216 Test the group owner of the file - /boot/grub/grub.cfg oval:com.mcafee.oval:def:2488217 Test the owner of the file - /boot/grub/grub.cfg oval:com.mcafee.oval:def:2488218 Test the permissions of the file - /boot/grub/grub.cfg oval:com.mcafee.oval:def:2488229 Require Authentication for Single-User Mode

Updated Checks

Oval ID Title oval:com.mcafee.oval:def:7203 Password policy, Minimum password age - PASS_MIN_DAYS oval:com.mcafee.oval:def:7199 Password policy, Maximum password age - PASS_MAX_DAYS oval:com.mcafee.oval:def:6946 Test the permissions of the file - /etc/shadow oval:com.mcafee.oval:def:6922 Test the permissions of the file - /etc/passwd Oval ID Title oval:com.mcafee.oval:def:6898 Test the permissions of the file- /etc/group oval:com.mcafee.oval:def:6894 Test the permissions of the file - /etc/crontab oval:com.mcafee.oval:def:6890 Test the permissions of the directory - /etc/cron.weekly oval:com.mcafee.oval:def:6886 Test the permissions of the directory - /etc/cron.monthly oval:com.mcafee.oval:def:6882 Test the permissions of the directory - /etc/cron.hourly oval:com.mcafee.oval:def:6878 Test the permissions of the directory - /etc/cron.daily oval:com.mcafee.oval:def:6874 Test the permissions of the directory - /etc/cron.d oval:com.mcafee.oval:def:6835 Root is the only account with uid zero. oval:com.mcafee.oval:def:7276 Test the group ower of the file - /etc/cron.allow oval:com.mcafee.oval:def:7245 Test the group owner of the file - /etc/at.allow oval:com.mcafee.oval:def:200803100004 Test if the system login banner text is set correctly - /etc/issue oval:com.mcafee.oval:def:200803070538 Password policy, Password warning age - PASS_WARN_AGE oval:com.mcafee.oval:def:200802250160 Test the owner of the file - /etc/shadow oval:com.mcafee.oval:def:200802290140 Test the group owner of the file - /etc/shadow oval:com.mcafee.oval:def:200802250144 Test the owner of the file - /etc/passwd oval:com.mcafee.oval:def:200802290144 Test the group owner of the file - /etc/passwd oval:com.mcafee.oval:def:200802250132 Test the owner of the file - /etc/group oval:com.mcafee.oval:def:200802290128 Test the group owner of the file - /etc/group oval:com.mcafee.oval:def:200802250128 Test the owner of the file - /etc/crontab oval:com.mcafee.oval:def:200802290132 Test the group owner of the file - /etc/crontab oval:com.mcafee.oval:def:200802250124 Test the owner of the directory - /etc/cron.weekly oval:com.mcafee.oval:def:200802290112 Test the group owner of the directory - /etc/cron.weekly oval:com.mcafee.oval:def:200802250120 Test the owner of the directory - /etc/cron.monthly oval:com.mcafee.oval:def:200802290116 Test the group owner of the directory - /etc/cron.monthly oval:com.mcafee.oval:def:200802250116 Test the owner of the directory - /etc/cron.hourly oval:com.mcafee.oval:def:78712 Test the permissions of the file - /etc/issue oval:com.mcafee.oval:def:200802290120 Test the group owner of the directory - /etc/cron.hourly oval:com.mcafee.oval:def:200802250112 Test the owner of directory - /etc/cron.daily oval:com.mcafee.oval:def:200802290100 Test the group owner of directory - /etc/cron.daily oval:com.mcafee.oval:def:200802250108 Test the owner of the directory - /etc/cron.d oval:com.mcafee.oval:def:8665 Test the enable or disable status for - SSH X11 forwarding oval:com.mcafee.oval:def:8666 Test the enable / disable status for - SSH integration with .rhosts oval:com.mcafee.oval:def:200803050006 Test the enable / disable status for - SSH host-based authentication oval:com.mcafee.oval:def:200803050011 Test the enable / disable status for - Root login via SSH Oval ID Title oval:com.mcafee.oval:def:50114 Limit access to the root account from su oval:com.mcafee.oval:def:79005 Test the enable / disable status for - net.ipv4.conf.all.accept_source_route oval:com.mcafee.oval:def:200803030108 Test the enable / disable status for - net.ipv4.icmp_echo_ignore_broadcasts oval:com.mcafee.oval:def:200803030076 Test the enable / disable status for - net.ipv4.conf.all.send_redirects oval:com.mcafee.oval:def:200803030006 Test the enable / disable status for - net.ipv4.conf.all.secure_redirects oval:com.mcafee.oval:def:78877 Test the owner of the file - /etc/motd oval:com.mcafee.oval:def:99165 Inetd based service - ntalk - running state oval:com.mcafee.oval:def:206078 Inetd based service - discard (udp) - running state oval:com.mcafee.oval:def:200803160066 Inetd based service - tftp - running state oval:com.mcafee.oval:def:200803160060 Inetd based service - telnet - running state oval:com.mcafee.oval:def:200803160016 Inetd based service - exec - running state oval:com.mcafee.oval:def:200803160001 Inetd based service - echo (tcp) - running state oval:com.mcafee.oval:def:200803160004 Inetd based service - discard (tcp) - running state oval:com.mcafee.oval:def:200803160007 Inetd based service - daytime (tcp) - running state oval:com.mcafee.oval:def:200803160010 Inetd based service - chargen (tcp) - running state oval:com.mcafee.oval:def:226850 Inetd based service - time - running status oval:com.mcafee.oval:def:50620 Test the enable / disable status for - net.ipv4.ip_forward oval:com.mcafee.oval:def:50617 Test the enable / disable status for - net.ipv4.conf.default.secure_redirects oval:com.mcafee.oval:def:50614 Test the enable / disable status for - net.ipv4.conf.default.accept_redirects oval:com.mcafee.oval:def:50583 Test the enable or disable status for - net.ipv4.conf.all.accept_redirects oval:com.mcafee.oval:def:50638 Test the enable / disable status for - net.ipv4.tcp_syncookies oval:com.mcafee.oval:def:50586 Test the enable / disable status for - net.ipv4.conf.default.rp_filter oval:com.mcafee.oval:def:50612 Test the enable / disable status for - net.ipv4.conf.default.accept_source_route oval:com.mcafee.oval:def:50580 Test the enable / disable status for - net.ipv4.conf.all.rp_filter oval:com.mcafee.oval:def:50610 Test the enable / disable status for - net.ipv4.conf.all.log_martians oval:com.mcafee.oval:def:50671 Test if the Access control files contain a plus sign - /etc/shadow oval:com.mcafee.oval:def:50674 Test if the Access control files contain a plus sign - /etc/passwd oval:com.mcafee.oval:def:50676 Test if the Access control files contain a plus sign - /etc/group oval:com.mcafee.oval:def:200805200508 Inetd based service - login - running state oval:com.mcafee.oval.windows:def:6662 Network - Microsoft Peer-to-Peer Networking Services: Turn Off Microsoft Peer-to-Peer Networking Services oval:com.mcafee.oval.windows:def:6661 Network - Link Layer Topology: Turn on Responder (RSPNDR) driver oval:com.mcafee.oval.windows:def:6660 Network - Link Layer Topology: Turn on Mapper I/O (LLTDIO) driver oval:com.mcafee.oval.windows:def:6063 MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure DefaultGateway addresses (could lead to DoS) Oval ID Title oval:com.mcafee.oval.windows:def:126 MSS: (TCPMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default) oval:com.mcafee.oval.windows:def:118 MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers oval:com.mcafee.oval.windows:def:115 MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds oval:com.mcafee.oval.windows:def:113 MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes oval:com.mcafee.oval:def:59996 Local Policies - User Rights Assignment: Allow logon through Remote Desktop / Terminal Services oval:com.mcafee.oval:def:206076 Inetd based service - daytime (udp) - running state oval:com.mcafee.oval:def:206073 Inetd based service - echo (udp) - running state oval:com.mcafee.oval:def:78873 Test the owner of the file - /etc/issue oval:com.mcafee.oval:def:78697 Test the permissions of the file - /etc/at.allow oval:com.mcafee.oval:def:78708 Test the permissions of the file - /etc/hosts.allow oval:com.mcafee.oval:def:78787 Test the group owner of the file - /etc/hosts.deny oval:com.mcafee.oval:def:78813 Test the group owner of the file - /etc/ssh/sshd_config oval:com.mcafee.oval:def:78791 Test the group owner of the file - /etc/issue oval:com.mcafee.oval:def:78733 Test the permissions of the file - /etc/ssh/sshd_config oval:com.mcafee.oval:def:78795 Test the group owner of the file - /etc/motd oval:com.mcafee.oval:def:78870 Test the owner of the file - /etc/hosts.deny oval:com.mcafee.oval:def:78859 Test the owner of the file - /etc/at.allow oval:com.mcafee.oval:def:78869 Test the owner of the file - /etc/hosts.allow oval:com.mcafee.oval:def:79006 Test the enable / disable status for - net.ipv4.conf.default.send_redirects oval:com.mcafee.oval:def:78792 Test the group owner of the file - /etc/issue.net oval:com.mcafee.oval:def:78861 Test the owner of the file - /etc/cron.allow oval:com.mcafee.oval:def:78874 Test the owner of the file - /etc/issue.net oval:com.mcafee.oval:def:97902 Test the enable / disable status for - SSH Permit Empty Passwords oval:com.mcafee.oval:def:78713 Test the permissions of the file - /etc/issue.net oval:com.mcafee.oval:def:78699 Test the permissions of the file - /etc/cron.allow oval:com.mcafee.oval:def:78707 Test the permissions of the file - /etc/hosts.deny oval:com.mcafee.oval:def:78840 Test the group owner of the directory - /etc/cron.d oval:com.mcafee.oval:def:78786 Test the group owner of the file - /etc/hosts.allow oval:com.mcafee.oval:def:78890 Test the owner of the file - /etc/ssh/sshd_config oval:com.mcafee.oval:def:78716 Test the permissions of the file - /etc/motd oval:com.mcafee.oval:def:101091 Local Policies - Security Options - MSS: (TCPMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted (3 recommended, 5 is default) Oval ID Title oval:com.mcafee.oval:def:226842 Inetd based service - talk - running status oval:com.mcafee.oval:def:231137 Test If file exists - /etc/hosts.allow oval:com.mcafee.oval:def:230327 Test the enable / disable status for - SSH Banner oval:com.mcafee.oval:def:230333 Test the configuration status for - SSH Protocol oval:com.mcafee.oval:def:230890 Test the group owner of the account - root oval:com.mcafee.oval:def:231138 Test If file exists - /etc/hosts.deny oval:com.mcafee.oval:def:236469 All GIDs referenced in the /etc/passwd file must be defined in the /etc/group file. oval:com.mcafee.oval:def:230021 System - Logon: Turn off app notifications on the lock screen oval:com.mcafee.oval:def:238498 No accounts with empty password fields oval:com.mcafee.oval:def:238335 Test if the file - /etc/at.allow exists oval:com.mcafee.oval:def:238336 Test if the file - /etc/cron.allow exists oval:com.mcafee.oval:def:239206 Test the existence of the file - /etc/at.deny oval:com.mcafee.oval:def:239207 Test the existence of the file - /etc/cron.deny oval:com.mcafee.oval:def:245632 Inetd based service - shell - running status oval:com.mcafee.oval:def:215796 Windows Components - Remote Desktop Services - Remote Desktop Session Host - Security: Require secure RPC communication oval:com.mcafee.oval:def:215800 Windows Components - Remote Desktop Services - Remote Desktop Session Host - Device and Resource Redirection: Do not allow LPT port redirection oval:com.mcafee.oval:def:215801 Windows Components - Remote Desktop Services - Remote Desktop Session Host - Device and Resource Redirection: Do not allow supported Plug and Play device redirection oval:com.mcafee.oval:def:215799 Windows Components - Remote Desktop Services - Remote Desktop Session Host - Device and Resource Redirection: Do not allow COM port redirection oval:com.mcafee.oval:def:215794 System - Group Policy: Turn off background refresh of Group Policy oval:com.mcafee.oval:def:249542 Accept Remote rsyslog Messages Only on Designated Log Hosts oval:com.mcafee.oval:def:246577 Check That Users Are Assigned Valid Home Directories oval:com.mcafee.oval:def:249886 Make the Audit Configuration Immutable oval:com.mcafee.oval:def:242732 Test the configuration status for - SSH PermitUserEnvironment oval:com.mcafee.oval:def:242722 Test the status of - SSH LogLevel oval:com.mcafee.oval:def:249937 Filesystem Configuration - Create Separate Partition for /home oval:com.mcafee.oval:def:249406 Configure rsyslog to Send Logs to a Remote Log Host oval:com.mcafee.oval:def:248531 Disable IPv6 Redirect Acceptance - net.ipv6.conf.all.accept_redirects oval:com.mcafee.oval:def:249983 Collect Session Initiation Information oval:com.mcafee.oval:def:249938 Filesystem Configuration - Create Separate Partition for /tmp oval:com.mcafee.oval:def:245583 Test the enable / disable status for - net.ipv4.icmp_ignore_bogus_error_responses oval:com.mcafee.oval:def:249940 Filesystem Configuration - Create Separate Partition for /var/log Oval ID Title oval:com.mcafee.oval:def:249941 Filesystem Configuration - Create Separate Partition for /var/log/audit oval:com.mcafee.oval:def:242756 Remove OS Information from Login Warning Banners - /etc/issue oval:com.mcafee.oval:def:249650 Keep All Auditing Information oval:com.mcafee.oval:def:242750 Test if the system login warning banner text is set correctly - /etc/issue.net oval:com.mcafee.oval:def:249902 Collect Changes to System Administration Scope (sudoers) oval:com.mcafee.oval:def:242766 Remove OS Information from Login Warning Banners - /etc/issue.net oval:com.mcafee.oval:def:242747 Test the status of - SSH Access Limit oval:com.mcafee.oval:def:242727 Test the status of - SSH MaxAuthTries oval:com.mcafee.oval:def:402023 Advanced Intrusion Detection Environment - Implement Periodic Execution of File Integrity oval:com.mcafee.oval:def:250220 Filesystem Configuration - Set nodev option for Partitions in /etc/fstab oval:com.mcafee.oval:def:242757 Remove OS Information from Login Warning Banners - /etc/motd oval:com.mcafee.oval:def:249973 Record Events That Modify the System's Mandatory Access Controls oval:com.mcafee.oval:def:249939 Filesystem Configuration - Create Separate Partition for /var oval:com.mcafee.oval:def:248532 Disable IPv6 Redirect Acceptance - net.ipv6.conf.default.accept_redirects oval:com.mcafee.oval:def:248527 IPv6 Router Advertisements - net.ipv6.conf.default.accept_ra oval:com.mcafee.oval:def:246586 Check for the presence of user .rhosts files oval:com.mcafee.oval:def:250219 Filesystem Configuration - Set nosuid option for Partitions in /etc/fstab oval:com.mcafee.oval:def:248533 IPv6 Router Advertisements - net.ipv6.conf.all.accept_ra oval:com.mcafee.oval:def:249628 Configure Audit Log Storage Size oval:com.mcafee.oval:def:242772 Test the configuration status for - duration of inactive user accounts lock oval:com.mcafee.oval:def:245578 Test the enable / disable status for - net.ipv4.conf.default.log_martians oval:com.mcafee.oval:def:242742 Test the status of - SSH ClientAliveCountMax oval:com.mcafee.oval:def:246542 Check for the presence of user .netrc files oval:com.mcafee.oval:def:246594 Test the permissions on user .netrc files oval:com.mcafee.oval:def:246548 Check for the presence of user .forward files oval:com.mcafee.oval:def:249889 Collect System Administrator Actions (sudolog) oval:com.mcafee.oval:def:250218 Filesystem Configuration - Set noexec option for Partitions in /etc/fstab oval:com.mcafee.oval:def:244738 Restrict Access to the su Command - Users list in the wheel statement - /etc/group oval:com.mcafee.oval:def:242737 Test the status of - SSH ClientAliveInterval oval:com.mcafee.oval:def:249976 Collect Login and Logout Events oval:com.mcafee.oval:def:246602 Test the permissions on user dot files oval:com.mcafee.oval:def:249962 Record Events That Modify User/Group Information oval:com.mcafee.oval:def:402388 Additional Process Hardening - Restrict Core Dumps Oval ID Title oval:com.mcafee.oval:def:402411 filesystem Configuration - Disable Mounting of freevxfs filesystems oval:com.mcafee.oval:def:402414 filesystem Configuration - Disable Mounting of hfsplus filesystems oval:com.mcafee.oval:def:402413 filesystem Configuration - Disable Mounting of hfs filesystems oval:com.mcafee.oval:def:402412 filesystem Configuration - Disable Mounting of jffs2 filesystems oval:com.mcafee.oval:def:402415 filesystem Configuration - Disable Mounting of squashfs filesystems oval:com.mcafee.oval:def:244331 Use Only Approved Cipher in Counter Mode oval:com.mcafee.oval:def:402405 Additional Process Hardening - Restrict Core Dumps - kernel.randomize_va_space oval:com.mcafee.oval:def:402512 Record Events That Modify the System's Network Environment oval:com.mcafee.oval:def:402416 filesystem Configuration - Disable Mounting of udf filesystems oval:com.mcafee.oval:def:402478 Record Events That Modify Date and Time Information oval:com.mcafee.oval:def:402665 Uncommon Network Protocols - Disable SCTP oval:com.mcafee.oval:def:402664 Uncommon Network Protocols - Disable DCCP oval:com.mcafee.oval:def:402389 Additional Process Hardening - Restrict Core Dumps - fs.suid_dumpable oval:com.mcafee.oval:def:402666 Uncommon Network Protocols - Disable RDS oval:com.mcafee.oval:def:402667 Uncommon Network Protocols - Disable TIPC oval:com.mcafee.oval:def:402410 filesystem Configuration - Disable Mounting of cramfs filesystems oval:com.mcafee.oval:def:250231 Filesystem Configuration - Bind Mount the /var/tmp directory to /tmp in/etc/fstab oval:com.mcafee.oval:def:402530 Collect Successful File System Mounts oval:com.mcafee.oval:def:405194 Check Permissions on User Home Directories oval:com.mcafee.oval:def:406133 Test the permissions of the file - /var/log/messages oval:com.mcafee.oval:def:403352 Collect Kernel Module Loading and Unloading oval:com.mcafee.oval:def:403369 Collect Discretionary Access Control Permission Modification Events oval:com.mcafee.oval:def:403363 Collect File Deletion Events by User oval:com.mcafee.oval:def:403335 Disable System on Audit Log Full oval:com.mcafee.oval:def:403368 Collect Unsuccessful Unauthorized Access Attempts to Files oval:com.mcafee.oval:def:406139 Test the owner of the file -/var/log/messages oval:com.mcafee.oval:def:406140 Test the group owner of the file -/var/log/messages oval:com.mcafee.oval:def:430017 Set Password Creation Requirement Parameters Using pam_cracklib - ocredit oval:com.mcafee.oval:def:429914 Test the permissions of the file - /var/log/mail.info oval:com.mcafee.oval:def:429944 Test the group owner of the file - /var/log/news/news.err oval:com.mcafee.oval:def:429921 Test the owner of the file - /var/log/mail.warn oval:com.mcafee.oval:def:429904 Test the owner of the file - /var/log/mail oval:com.mcafee.oval:def:429937 Test the owner of the file - /var/log/news/news.crit Oval ID Title oval:com.mcafee.oval:def:430028 Set Password Creation Requirement Parameters Using pam_cracklib - retry oval:com.mcafee.oval:def:429936 Test the group owner of the file - /var/log/news/news.crit oval:com.mcafee.oval:def:429920 Test the group owner of the file - /var/log/mail.warn oval:com.mcafee.oval:def:430802 Set Lockout for Failed Password Attempts - pam_tally2 oval:com.mcafee.oval:def:429962 Test the permissions of the file - /var/log/warn oval:com.mcafee.oval:def:429953 Test the owner of the file - /var/log/news/news.notice oval:com.mcafee.oval:def:429922 Test the permissions of the file - /var/log/mail.warn oval:com.mcafee.oval:def:429930 Test the permissions of the file - /var/log/mail.err oval:com.mcafee.oval:def:429969 Test the owner of the file - /var/log/localmessages oval:com.mcafee.oval:def:429912 Test the group owner of the file - /var/log/mail.info oval:com.mcafee.oval:def:429913 Test the owner of the file - /var/log/mail.info oval:com.mcafee.oval:def:430025 Set Password Creation Requirement Parameters Using pam_cracklib - lcredit oval:com.mcafee.oval:def:429961 Test the owner of the file - /var/log/warn oval:com.mcafee.oval:def:430014 Set Password Creation Requirement Parameters Using pam_cracklib - dcredit oval:com.mcafee.oval:def:429938 Test the permissions of the file - /var/log/news/news.crit oval:com.mcafee.oval:def:429929 Test the owner of the file - /var/log/mail.err oval:com.mcafee.oval:def:421541 Review User and Group Settings - Ensure shadow group is empty oval:com.mcafee.oval:def:429945 Test the owner of the file - /var/log/news/news.err oval:com.mcafee.oval:def:429970 Test the permissions of the file - /var/log/localmessages oval:com.mcafee.oval:def:429952 Test the group owner of the file - /var/log/news/news.notice oval:com.mcafee.oval:def:429946 Test the permissions of the file - /var/log/news/news.err oval:com.mcafee.oval:def:429960 Test the group owner of the file - /var/log/warn oval:com.mcafee.oval:def:430009 Set Password Creation Requirement Parameters Using pam_cracklib - minlen oval:com.mcafee.oval:def:429903 Test the group owner of the file - /var/log/mail oval:com.mcafee.oval:def:430024 Set Password Creation Requirement Parameters Using pam_cracklib - ucredit oval:com.mcafee.oval:def:429954 Test the permissions of the file - /var/log/news/news.notice oval:com.mcafee.oval:def:429905 Test the permissions of the file - /var/log/mail oval:com.mcafee.oval:def:429928 Test the group owner of the file - /var/log/mail.err oval:com.mcafee.oval:def:429968 Test the group owner of the file - /var/log/localmessages oval:com.mcafee.oval:def:525458 Network access: Do not allow storage of passwords and credentials for network authentication oval:com.mcafee.oval:def:707799 Test If file exists - /var/log/messages oval:com.mcafee.oval:def:909811 Enable Auditing for Processes That Start Prior to auditd oval:com.mcafee.oval:def:662031 Test the enable or disable status for - net.ipv6.conf.all.disable_ipv6 Oval ID Title oval:com.mcafee.oval:def:919582 Set default umask for users - all the files in /etc/profile.d directory oval:com.mcafee.oval:def:1413915 Credential User Interface: Do not display the password reveal button oval:com.mcafee.oval:def:1412997 User Configuration: Prevent Codec Download oval:com.mcafee.oval:def:1411832 Administrative Templates - Network: Prohibit connection to non-domain networks when connected to domain authenticated network oval:com.mcafee.oval:def:1414879 APSB15-32 Vulnerability Security Update 20.0.0.228 for Adobe Flash Player for Mac oval:com.mcafee.oval.common:def:1414880 APSB15-32 Vulnerability Security Update 20.0.0.228 for Adobe Flash Player oval:com.mcafee.oval:def:1414880 Adobe Flash Player Security Update 20.0.0.228 for Vulnerability id APSB15-32 is installed or not oval:com.mcafee.oval.common:def:1414882 APSB15-32 Vulnerability Security Update 18.0.0.268 for Adobe Flash Player oval:com.mcafee.oval:def:1414882 Adobe Flash Player Security Update 18.0.0.268 for Vulnerability id APSB15-32 is installed or not oval:com.mcafee.oval:def:1414881 APSB15-32 Vulnerability Security Update 18.0.0.268 for Adobe Flash Player for Mac oval:com.mcafee.oval:def:2350127 MS15-128 - Security Update for Microsoft Office Word Viewer 2003 (KB3114478) oval:com.mcafee.oval:def:1415743 LAPS: Enable Local Admin Password Management oval:com.mcafee.oval:def:1415823 Locale Services: Disallow copying of user input methods to the system account for sign-in oval:com.mcafee.oval:def:2486288 OneDrive: Prevent the usage of OneDrive for file storage oval:com.mcafee.oval:def:2486343 Windows PowerShell: Turn on PowerShell Transcription oval:com.mcafee.oval:def:1415751 LAPS: Password Settings: Password Complexity oval:com.mcafee.oval:def:2486296 Session Time Limits: Set a time limit for disconnected sessions oval:com.mcafee.oval:def:1415853 Time Providers: Enable Windows NTP Server oval:com.mcafee.oval:def:1415735 LAPS: Do not allow password expiration time longer than required by policy oval:com.mcafee.oval:def:1415759 LAPS: Password Settings: Password Length oval:com.mcafee.oval:def:1415839 Time Providers: Enable Windows NTP Client oval:com.mcafee.oval:def:1415768 LAPS: Password Settings: Password Age oval:com.mcafee.oval:def:2486335 Windows PowerShell: Turn on PowerShell Script Block Logging oval:com.mcafee.oval:def:2486368 Network Sharing: Prevent users from sharing files within their profile oval:com.mcafee.oval:def:2486359 Internet Communication settings: Turn off Help Experience Improvement Program oval:com.mcafee.oval:def:2486326 MAPS: Join Microsoft MAPS oval:com.mcafee.oval:def:1415725 LAPS: Ensure LAPS AdmPwd GPO Extension / CSE is installed

New Benchmarks Benchmark ID Title

DebianLinux8CISBenchmark Debian Linux 8 CIS Benchmark

Updated Benchmarks

Benchmark ID Title

DebianCISBenchmark Debian CIS Benchmark

MS_Windows_Bulletin_Benchmark_2016_ MS Windows Bulletin Benchmark 2016

AdobeMacBulletinBenchmark2016 Adobe Mac Bulletin Benchmark 2016

WindowsServer2008-800-53 Windows Server 2008 - NIST 800-53 Benchmark

AdobeWindowsBulletinBenchmark2016 Adobe Windows Bulletin Benchmark 2016

Windows10CISBenchmark Windows 10 CIS Benchmark

MicrosoftOfficePatchPolicy_2003 Microsoft Office Patch Policy for 2003

MicrosoftOfficePatchPolicy_2007 Microsoft Office Patch Policy for 2007

MicrosoftOfficePatchPolicy_2010 Microsoft Office Patch Policy for 2010

MicrosoftOfficePatchPolicy_2013 Microsoft Office Patch Policy for 2013

MicrosoftOfficePatchPolicy_2016 Microsoft Office Patch Policy for 2016

Windows8_1CISBenchmark Windows 8.1 CIS Benchmark

McAfee Technical Support

PrimeSupport ServicePortal: https://support.mcafee.com

This message may contain confidential and privileged material for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you are not the intended recipient please contact the sender and delete all copies.

Copyright © 2016 McAfee, Inc. www.intelsecurity.com Intel and the Intel logo are trademarks/registered trademarks of Intel Corporation. McAfee and the McAfee logo are trademarks/registered trademarks of McAfee, Inc. Other names and brands may be claimed as the property of others.