Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Windows 10 Mobile must not allow use of developer modes.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-69711 | MSWM-10-200303 | SV-84333r1_rule | Medium |
| Description |
|---|
| Developer modes expose features of the MOS that are not available during standard operation. An adversary may leverage a vulnerability inherent in a developer mode to compromise the confidentiality, integrity, and availability of DoD-sensitive information. Disabling developer modes mitigates this risk. SFR ID: FMT_SMF_EXT.1.1 #24 |
| STIG | Date |
|---|---|
| Microsoft Windows 10 Mobile Security Technical Implementation Guide | 2017-09-11 |
Details
| Check Text ( C-70153r1_chk ) |
|---|
| Review Windows 10 Mobile configuration settings to determine whether a developer mode is enabled. This validation procedure is performed on both the MDM administration console and the Windows 10 Mobile device. On the MDM administration console: 1. Ask the MDM administrator to verify the phone compliance policy. 2. Find the setting for restricting the Developer Unlocking/Developer Mode capability. 3. Verify that setting is set to disabled/off. On the Windows 10 Mobile device: 1. Launch "Settings". 2. Tap on "Update & security" and then tap on "For developers". 3. Verify that the setting titled "Developer mode" is not selected and it is disabled/read-only. If the MDM does not have the Developer Unlocking/Developer Mode policy to disable developer mode enforced, or if on the phone the setting titled "Developer mode" is not disabled/read-only on the "Developer mode" screen, this is a finding. |
| Fix Text (F-75915r1_fix) |
|---|
| Configure the MDM system to require the Developer Unlocking/Developer Mode policy be disabled for Windows 10 Mobile devices. Deploy the MDM policy on managed devices. |