Title

Vision Pro must have the latest available visionOS operating system installed. (Cat I impact)

Discussion

Required security features are not available in earlier OS versions. In addition, earlier versions may have known vulnerabilities. SFR ID: FMT_SMF.1.1 #47

Check Content

Review configuration settings to confirm the most recently released version of visionOS is installed. This validation procedure is performed on both the Apple visionOS management tool and the Vision Pro. Go to https://www.apple.com and determine the most current version of visionOS released by Apple. In the MDM management console, review the version of visionOS installed on a sample of managed devices. This procedure will vary depending on the MDM product. On the Vision Pro: 1. Open the Settings app. 2. Tap "General". 3. Tap "About" and view the installed version of visionOS. 4. Go back to the "General" screen. Tap "Software Update" and verify the following message is shown on the screen: "Your software is up to date." If the installed version of visionOS on any reviewed visionOS devices is not the latest released by Apple, this is a finding.

Fix Text

Install the latest release version of Apple visionOS on all managed visionOS devices.

Additional Identifiers

Rule ID: SV-276396r1146684_rule

Vulnerability ID: V-276396

Group Title: PP-MDF-993300

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.