STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Microsoft Windows Server 2022 Security Technical Implementation Guide

V-254248

CAT II (Medium)

Windows Server 2022 must use an antivirus program.

Rule ID

SV-254248r991589_rule

STIG

Microsoft Windows Server 2022 Security Technical Implementation Guide

Version

V2R8

CCIs

CCI-000366

Discussion

Malicious software can establish a base on individual desktops and servers. Employing an automated mechanism to detect this type of software will aid in elimination of the software from the operating system.

Check Content

Verify an antivirus solution is installed on the system. The antivirus solution may be bundled with an approved host-based security solution.

If there is no antivirus solution installed on the system, this is a finding.

Verify if Microsoft Defender antivirus is in use or enabled:

Open "PowerShell".

Enter "get-service | where {$_.DisplayName -Like "*Defender*"} | Select Status,DisplayName"

Verify if third-party antivirus is in use or enabled:

Open "PowerShell".

Enter "get-service | where {$_.DisplayName -Like "*mcafee*"} | Select Status,DisplayName

Enter "get-service | where {$_.DisplayName -Like "*symantec*"} | Select Status,DisplayName

Fix Text

If no antivirus software is in use, install Microsoft Defender or third-party antivirus.

Open "PowerShell".

Enter "Install-WindowsFeature -Name Windows-Defender".

For third-party antivirus, install per antivirus instructions and disable Windows Defender.

Open "PowerShell".

Enter "Uninstall-WindowsFeature -Name Windows-Defender".