Split-BenchmarkId returns the wrong value for Windows Defender V2R4 #1121

Closed
demianmnave-pti opened this issue Jun 24, 2022 · 1 comment · Fixed by #1124

@demianmnave-pti

Describe the bug
This applies to PowerStig v4.13.0.

The XML ID for the Windows Defender STIG XCCDF was changed from Windows_Defender_Antivirus in V2R3 to MS_Defender_Antivirus in V2R4. Split-BenchmarkId has not been updated to account for the change, resulting in Get-PowerStigFileList returning incorrect values to New-StigCheckList.

To Reproduce

  1. Open a PowerShell prompt and change to the source/StigData/Archive/Windows.Defender directory under a clone of v4.13.0
  2. Import the PowerStig module if not already available, and execute:
    $stigdata = [xml] (Get-Content -Path .\U_MS_Windows_Defender_Antivirus_STIG_V2R4_Manual-xccdf.xml)
    Split-BenchmarkId -Id $stigdata.Benchmark.Id -FilePath .\U_MS_Windows_Defender_Antivirus_STIG_V2R4_Manual-xccdf.xml
    
    Outputs:
    Name                           Value
    ----                           -----
    TechnologyRole                 Antivirus
    TechnologyVersion              Defender
    Technology                     MS
    

Expected behavior

  • For consistency with the value returned for the V2R3 version of the Defender STIG, Split-BenchmarkId should return:
    Name                           Value
    ----                           -----
    TechnologyRole
    TechnologyVersion              All
    Technology                     WindowsDefender
    
  • New-StigCheckList should complete successfully when run against U_MS_Windows_Defender_Antivirus_STIG_V2R4_Manual-xccdf.xml

Screenshots
None.

Additional context
New-StigCheckList successfully completes by manually changing the ID to Windows_Defender_Antivirus in U_MS_Windows_Defender_Antivirus_STIG_V2R4_Manual-xccdf.xml.

@erjenkin erjenkin self-assigned this Jun 27, 2022
@erjenkin erjenkin added this to the 4.13.1 milestone Jun 27, 2022
@erjenkin erjenkin added the bug Something isn't working label Jun 27, 2022
@erjenkin erjenkin linked a pull request Jun 27, 2022 that will close this issue
@erjenkin
Member

Thanks for finding this issue, I have fixed it based on your repro steps. Please let me know if you find any other issues.
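
A regression check for the benchmark id rename reported in this issue, as an added example that is not PowerStig code. `Split-IdNaive`, `Resolve-StigTechnology` and the `$knownIds` table are hypothetical, the underscore split is an assumption inferred from the V2R4 output in the report, and the two XML strings are constructed stand-ins for the XCCDF files.

```powershell
# Added example; hypothetical helpers, not PowerStig's Split-BenchmarkId.

# Assumed fallback: split the id on '_' (reproduces the V2R4 output in the report).
function Split-IdNaive([string] $Id)
{
    $technology, $version, $role = $Id -split '_', 3
    [ordered]@{ TechnologyRole = $role; TechnologyVersion = $version; Technology = $technology }
}

# Every id a benchmark has shipped under resolves to one stable identity.
$knownIds = @{
    'Windows_Defender_Antivirus' = 'WindowsDefender'   # V2R3 id, from the report
    'MS_Defender_Antivirus'      = 'WindowsDefender'   # V2R4 id, from the report
}

function Resolve-StigTechnology([string] $Id)
{
    if ($knownIds.ContainsKey($Id))
    {
        # Values the report gives as the expected result for the Defender STIG.
        return [ordered]@{ TechnologyRole = ''; TechnologyVersion = 'All'; Technology = $knownIds[$Id] }
    }
    Split-IdNaive -Id $Id
}

# Constructed stand-ins for the two XCCDF files; only the root id matters here.
$revisions = [ordered]@{
    V2R3 = '<Benchmark id="Windows_Defender_Antivirus" />'
    V2R4 = '<Benchmark id="MS_Defender_Antivirus" />'
}

$resolved = foreach ($revision in $revisions.Keys)
{
    $id = ([xml] $revisions[$revision]).Benchmark.id
    [pscustomobject]@{
        Revision = $revision
        Id       = $id
        Naive    = (Split-IdNaive -Id $id).Technology
        Resolved = (Resolve-StigTechnology -Id $id).Technology
    }
}
$resolved | Format-Table -AutoSize

# Regression check: renaming the id must not change the resolved technology.
if (@($resolved.Resolved | Sort-Object -Unique).Count -ne 1)
{
    throw 'Benchmark id rename changed the resolved technology'
}
```

Run against each new STIG revision before it is added to the archive, a check of this shape surfaces a renamed benchmark id before checklist generation fails on it.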
