Samsung Android operating systems that are no longer supported by the vendor for security updates must not be installed on a system.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-66505 | KNOX-39-000000 | SV-80995r1_rule | High |
| Description |
|---|
| Android operating systems that are no longer supported by Samsung for security updates are not evaluated or updated for vulnerabilities, leaving them open to potential attack. Organizations must transition to a supported operating system to ensure continued support. |
| STIG | Date |
|---|---|
| Samsung Android (with Knox 2.x) STIG | 2016-02-25 |
Details
| Check Text ( C-67153r2_chk ) |
|---|
| 1. On the home screen, tap Apps >> Settings. 2. Find and tap on “About Device”. This displays the following information: -- Model number: This number can indicate which carrier you are using, which KNOX components are preloaded, and which apps might be hidden by a carrier. -- Android version: If the version number begins with 4.4, the device is running Android KitKat. If the version number begins with 5, the device is running Android Lollipop. -- Build number: This number encodes the Android software build and when it was released: - Android code family: L= Lollipop, K=KitKat, J=Jellybean - Code branch: R=primary, S=secondary - Release quarter: A=Q1 2009, T=Q4 2013 - Release date: 01=first day in quarter, so T49=Nov 18 2013, S15=Jul 15 2013 - Build made that day: A=first build, H=eighth build If the version number is less than 5.0, this is a finding. |
| Fix Text (F-72585r1_fix) |
|---|
| Upgrade the Samsung Android mobile devices to a supported operating system of 5.0 or greater. |