Malicious code protection applications must update malicious code protection mechanisms only when directed by a privileged user.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-35708	SRG-APP-000274-MAPP-NA	SV-46995r1_rule		Medium

Description
Malicious code protection software must be protected to prevent a non-privileged user or malicious piece of software from manipulating the protection update mechanism. Malicious code includes, viruses, worms, Trojan horses, and Spyware. Rationale for non-applicability: Malicious code protections are implemented by the mobile operating system in conjunction with an MDM. Mobile applications within the scope of the SRG have no relationship to this functionality.

Description

Malicious code protection software must be protected to prevent a non-privileged user or malicious piece of software from manipulating the protection update mechanism. Malicious code includes, viruses, worms, Trojan horses, and Spyware. Rationale for non-applicability: Malicious code protections are implemented by the mobile operating system in conjunction with an MDM. Mobile applications within the scope of the SRG have no relationship to this functionality.

STIG	Date
Mobile Application Security Requirements Guide	2013-01-04

Details

Check Text ( C-44051r1_chk )
This requirement is NA for the MAPP SRG.

Fix Text (F-40251r1_fix)
The requirement is NA. No fix is required.