Information
Ensure that application updates are installed after they are available from Apple. These updates do not require reboots or administrator privileges for end users.
Rationale:
Patches need to be applied in a timely manner to reduce the risk of vulnerabilities being exploited.
Impact:
Unpatched software may be exploited.
Solution
Graphical Method:
Perform the following steps to enable App Store updates to install automatically:
Open System Settings
Select General
Select Software Update
Select the i
Set Install application updates from the App Store to enabled
Select Done
Terminal Method:
Run the following command to turn on App Store auto updating:
$ /usr/bin/sudo /usr/bin/defaults write /Library/Preferences/com.apple.commerce AutoUpdate -bool TRUE
Note: This remediation requires a log out and log in to show in the GUI.
Profile Method:
Create or edit a configuration profile with the following information:
The PayloadType string is com.apple.SoftwareUpdate
The key to include is AutomaticallyInstallAppUpdates
The key must be set to <true/>