Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-81491 | AOSX-13-000090 | SV-96205r1_rule | Medium |
Description |
---|
Applications should not be configured to launch automatically when a disk is inserted. This potentially circumvents anti-virus software and allows malicious users to craft disks that can exploit user applications. Disabling Automatic Actions for blank DVDs mitigates this risk. |
STIG | Date |
---|---|
Apple OS X 10.13 Security Technical Implementation Guide | 2019-07-01 |
Check Text ( C-81239r1_chk ) |
---|
If an approved HBSS DCM/DLP solution is installed, this is not applicable. To check if the system has the correct setting for blank DVDs in the configuration profile, run the following command: /usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep -A 2 'com.apple.digihub.blank.dvd.appeared' If this is not defined or "action" is not set to "1", this is a finding. |
Fix Text (F-88315r1_fix) |
---|
This setting is enforced using the "Custom Policy" configuration profile. |