The mobile operating system must detect and report the version of the operating system, device drivers, and application software when queried by an authorized entity.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-33182	SRG-OS-000191-MOS-000103	SV-43580r1_rule		High

Description
Organizations are required to identify information systems containing software affected by recently announced software flaws (and potential vulnerabilities resulting from those flaws) and report this information to an MDM system or other system with similar functionality. To support this requirement, an automated process or mechanism is required.

STIG	Date
Mobile Operating System Security Requirements Guide	2013-07-03

Details

Check Text ( C-41443r1_chk )
Examine the mobile operating system configuration for detecting and reporting the version of the operating system, device drivers, and application software when queried by an authorized entity. Determine if the version of the operating system, selected device drivers, and at least one software application are correctly detected and reported to the MDM. If any such information cannot be obtained, this is a finding.

Check Text ( C-41443r1_chk )

Examine the mobile operating system configuration for detecting and reporting the version of the operating system, device drivers, and application software when queried by an authorized entity. Determine if the version of the operating system, selected device drivers, and at least one software application are correctly detected and reported to the MDM. If any such information cannot be obtained, this is a finding.

Fix Text (F-37083r1_fix)
Configure the operating system such that it can detect and report the version of the operating system, device drivers, and application software.