Notify antivirus programs when opening attachmentsID: oval:org.secpod.oval:def:36511 | Date: (C)2016-08-05 (M)2023-12-13 |
Class: COMPLIANCE | Family: windows |
This policy setting allows you to manage the behavior for notifying registered antivirus programs. If multiple programs are registered, they will all be notified. If the registered antivirus program already performs on-access checks or scans files as they arrive on the computer's email server, additional calls would be redundant.
If you enable this policy setting, Windows tells the registered antivirus program to scan the file when a user opens a file attachment. If the antivirus program fails, the attachment is blocked from being opened.
If you disable this policy setting, Windows does not call the registered antivirus programs when file attachments are opened.
If you do not configure this policy setting, Windows does not call the registered antivirus programs when file attachments are opened.
Counter Measure:
Configure the Notify antivirus programs when opening attachments setting to Enabled.
Potential Impact:
When the Notify antivirus programs when opening attachments setting is Enabled, every downloaded file or e-mail attachment that the user opens will be scanned.
Fix:
(1) GPO: User Configuration\Administrative Templates\Windows Components\Attachment Manager\Notify antivirus programs when opening attachments
(2) REG: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments!ScanWithAntiVirus
(3) WMI: ###
Platform: |
Microsoft Windows 10 |