The operating system must support automated patch management tools to facilitate flaw remediation to organization-defined information system components.

Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The operating system must support automated patch management tools to facilitate flaw remediation to organization-defined information system components.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-51377	OSX8-00-00840	SV-65587r1_rule		Medium

Description
The organization (including any contractor to the organization) must promptly install security-relevant software updates (e.g., patches, service packs, hot fixes). Flaws discovered during security assessments, continuous monitoring, incident response activities, or information system error handling, must also be addressed.

STIG	Date
Apple OS X 10.8 (Mountain Lion) Workstation STIG	2015-02-10

Details

Check Text ( C-53715r1_chk )
The system must be defined to use an internal software update server. To check the value of the software update server, run the following command: system_profiler SPConfigurationProfileDataType \| grep "CatalogURL" \| awk '{ print $3 }' \| sed 's/;//' If it is not defined or set to the correct organization-defined value, this is a finding.

Fix Text (F-56175r1_fix)
This should be configured with a configuration profile.