The MDM server must support automated patch management tools to facilitate flaw remediation of all software components on the server.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-36061	SRG-APP-271-MDM-057-SRV	SV-47451r1_rule		Medium

Description
The organization (including any contractor to the organization) must promptly install security relevant software updates (e.g., patches, service packs, hot fixes). Flaws discovered during security assessments, continuous monitoring, incident response activities, or information system error handling, must also be addressed. Left un-patched, software may be vulnerable to a variety of exploits that could disclose sensitive information or lead to subsequent security breaches. An automated patch management tool can mitigate this risk.

Description

The organization (including any contractor to the organization) must promptly install security relevant software updates (e.g., patches, service packs, hot fixes). Flaws discovered during security assessments, continuous monitoring, incident response activities, or information system error handling, must also be addressed. Left un-patched, software may be vulnerable to a variety of exploits that could disclose sensitive information or lead to subsequent security breaches. An automated patch management tool can mitigate this risk.

STIG	Date
Mobile Device Manager Security Requirements Guide	2013-01-24

Details

Check Text ( C-44300r1_chk )
Verify the presence of an automated patch management tool. If there is no patch management system or it is not functioning as expected, this is a finding.

Fix Text (F-40591r1_fix)
Install an automated patch management tool on the MDM server.