Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The organization must develop procedures for ensuring mobile operating systems, mobile applications, and mobile device management agents on managed mobile devices are updated within an organization-defined period after the updates/patches are available.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| SRG-MPOL-092 | SRG-MPOL-092 | SRG-MPOL-092_rule | High |
| Description |
|---|
| Patches and fixes to an operating system (OS) or application are necessary elements in maintaining the security posture of a system. If one system has been compromised or exposed to a potential vulnerability, the entire infrastructure is at risk. Patches and fixes can be critical security flaws that have been identified and, without their application, may pose a significant risk to DoD data. |
| STIG | Date |
|---|---|
| Mobile Policy Security Requirements Guide | 2012-10-10 |
Details
| Check Text ( C-SRG-MPOL-092_chk ) |
|---|
| Review the organizations patch procedure and policy to determine if mobile operating systems, mobile applications, and mobile device management agents on managed mobile devices are updated within an organization-defined period after the updates/patches are available. If the organization is not updating or patching within the organization-defined period of time, this is a finding. |
| Fix Text (F-SRG-MPOL-092_fix) |
|---|
| Update mobile operating systems, mobile applications, and mobile device management agents on managed mobile devices within the organization-defined period after the updates/patches are available. |