Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The mobile operating system must verify the integrity of application software before each instance of its execution.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-33060 | SRG-OS-000097-MOS-000063 | SV-43458r3_rule | Medium |
| Description |
|---|
| A common method to compromise system security is to modify application software to perform malicious functions that will execute when the user runs the application. Verifying the integrity of the software before execution protects against such an attack. This is typically accomplished by checking cryptographic hashes or digital signatures on software program files. Rationale for non-applicability: the feature as described is more suited for a Mobile Device Manager (MDM) to implement as opposed to an OS. |
| STIG | Date |
|---|---|
| Mobile Operating System Security Requirements Guide | 2013-07-03 |
Details
| Check Text ( C-41329r3_chk ) |
|---|
| Review the mobile operating system configuration for the operating system to verify the integrity of program software before each instance of its execution. If the mobile operating system does not perform the verification, this is a finding. |
| Fix Text (F-36960r3_fix) |
|---|
| Configure the mobile operating system to verify the integrity of application software before each instance of its execution. |