Title

iTunes Store must be disabled. (Cat III impact)

Discussion

iTunes store allows a user to purchase and download music, videos, and podcasts, which could inadvertently introduce malware on the system. NOTE: The fix must be performed for each user.

Check Content

Open iTunes. Choose iTunes -> Preferences. Choose the "Parental" tab. In the "Disable:" section, ensure the following items are checked. "Podcasts" "Radio streaming" "iTunes Store" "Allow Access to iTunesU" "Ping" (if it exists) "Shared Libraries" If not, this is a finding.

Fix Text

Open Finder. Select Applications. Double click the iTunes application. On the top menu bar click iTunes and from the drop down menu select Preferences. Click on the Parental icon. Check the following items to disable. "Podcasts" "Radio streaming" "iTunes Store" "Allow Access to iTunesU" "Ping" (if it exists) "Shared Libraries" NOTE: This must be performed for each user.

Additional Identifiers

Rule ID: SV-37301r1_rule

Vulnerability ID: V-25355

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.