CCE-38408-1| Platform: cpe:/o:microsoft:windows_server_2012::r2 | Date: (C)2015-10-08 (M)2023-07-04 |
Scan packed executables
This policy setting allows you to configure scanning for packed executables. It is recommended that this type of scanning remain enabled.
If you enable or do not configure this setting, packed executables will be scanned.
If you disable this setting, packed executables will not be scanned.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsWindows DefenderScan!Scan packed executables
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindows DefenderScan!DisablePackedExeScanning
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 6.2 | Attack Vector: NETWORK |
| Exploit Score: 0.7 | Attack Complexity: HIGH |
| Impact Score: 5.5 | Privileges Required: HIGH |
| Severity: MEDIUM | User Interaction: NONE |
| Vector: AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: LOW |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:28627 |
