CCE-50326-8Platform: cpe:/o:apple:mac_os_14 | Date: (C)2024-01-24 (M)2024-01-24 |
Software vendors release security patches and software updates for their products when security vulnerabilities are discovered. There is no simple way to complete this action without a network connection to an Apple software repository. Please ensure appropriate access for this control. This check is only for what Apple provides through software update.Software updates should be run at minimum every 30 days.It is important that these updates be applied in a timely manner to prevent unauthorized persons from exploiting the identified vulnerabilities.
NOTE: Installation of updates can be disruptive to the users especially if an restart is required. Major updates need to be applied after creating an organizational patch policy. It is also advised to run updates and forced restarts during system downtime and not while in active use.
Fix:Run the following command to verify what packages need to be installed:
$ /usr/bin/sudo /usr/sbin/softwareupdate -l
The output will include the following: Software Update found the following new or updated software: Run the following command to install all the packages that need to be updated:To install all updates run the command:$ /usr/bin/sudo /usr/sbin/softwareupdate -i -aOr run the following command to install individual packages:$ /usr/bin/sudo /usr/sbin/softwareupdate -i <'package name>'
Note: If one of the software updates listed includes Action: restart, then you must attach the -R flag to force a system restart. If the system update is complete but no restart occurs, then the system is in an unknown state that requires a future restart. It is advised to run updates and forced restarts during system downtime and not while in active use.
Parameter:
[]
Technical Mechanism:
To install all updates run the command: $ /usr/bin/sudo /usr/sbin/softwareupdate -i -a Or run the following command to install individual packages: $ /usr/bin/sudo /usr/sbin/softwareupdate -i 'package name '
CCSS Severity: | CCSS Metrics: |
CCSS Score : 8.8 | Attack Vector: NETWORK |
Exploit Score: 2.8 | Attack Complexity: LOW |
Impact Score: 5.9 | Privileges Required: LOW |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:97027 |