Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The macOS system must obtain updates from a DoD-approved update server.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-81611 | AOSX-13-000552 | SV-96325r1_rule | Medium |
| Description |
|---|
| Software update configuration. Point to DOD approved update server. Configure for automatic install of critical updates. |
| STIG | Date |
|---|---|
| Apple OS X 10.13 Security Technical Implementation Guide | 2019-03-08 |
Details
| Check Text ( C-81387r1_chk ) |
|---|
| To check if the CatalogURL is configured, run the following command: defaults read /Library/Preferences/com.apple.SoftwareUpdate.plist CatalogURL 2017-11-30 22:21:41.805 defaults[1205:9595] The domain/default pair of (/Library/Preferences/com.apple.SoftwareUpdate.plist, CatalogURL) does not exist. If the output is not an error indicating the item "does not exist" or the output is not a DoD-approved update server, this is a finding. Note: Updates are required to be applied with a frequency determined by the site or Program Management Office (PMO). |
| Fix Text (F-88459r1_fix) |
|---|
| To remove the Apple software list from the system configuration run the following command: sudo defaults delete /Library/Preferences/com.apple.SoftwareUpdate.plist CatalogURL |