1.5 Ensure Install Application Updates from the App Store Is Enabled

Information

Ensure that application updates are installed after they are available from Apple. These updates do not require reboots or administrator privileges for end users.

Patches need to be applied in a timely manner to reduce the risk of vulnerabilities being exploited.

Solution

Run the following command to turn on App Store auto updating:

% /usr/bin/sudo /usr/bin/defaults write /Library/Preferences/com.apple.commerce AutoUpdate -bool TRUE

Impact:

Unpatched software may be exploited.

See Also

https://workbench.cisecurity.org/benchmarks/17465

Item Details

Category: RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|RA-5, 800-53|SI-2, 800-53|SI-2(2), CSCv7|3.4, CSCv7|3.5

Plugin: Unix

Control ID: 9caf9c17b4c391a1f5b542cceb4450b781a01e3b322c52b8a845e0061c639f9a