STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Microsoft Windows Server 2025 Security Technical Implementation Guide

V-277995

CAT II (Medium)

Windows Server 2025 must use an antivirus program.

Rule ID

SV-277995r1180691_rule

STIG

Microsoft Windows Server 2025 Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-000366

Discussion

Malicious software can establish a base on individual desktops and servers. Employing an automated mechanism to detect this type of software will aid in elimination of the software from the operating system.

Check Content

Verify an antivirus solution is installed on the system. The antivirus solution may be bundled with an approved host-based security solution.

If there is no antivirus solution installed on the system, this is a finding.

Verify if Microsoft Defender antivirus is in use or enabled:

Open PowerShell.

Enter "get-service | where {$_.DisplayName -Like "*Defender*"} | Select Status,DisplayName"

Verify if third-party antivirus is in use or enabled:

Open PowerShell.

Enter "get-service | where {$_.DisplayName -Like "*mcafee*"} | Select Status,DisplayName

Enter "get-service | where {$_.DisplayName -Like "*symantec*"} | Select Status,DisplayName

Fix Text

If no antivirus software is in use, install Microsoft Defender or third-party antivirus.

Open PowerShell.

Enter "Install-WindowsFeature -Name Windows-Defender".

For third-party antivirus, install per antivirus instructions and disable Windows Defender.

Open PowerShell.

Enter "Uninstall-WindowsFeature -Name Windows-Defender".