The Vulnerable Apps threat category keeps you informed about new threats to apps used on your devices, so that you can minimize exposure to these vulnerabilities.
An app vulnerability is a system flaw or weakness in a version of an app that could be exploited to bypass its security. Once a vulnerable app is exploited, an attacker can gain access to some or all capabilities of the app, such as audio and video, or retrieve all data from internal and external storage. If this vulnerability is combined with an exploit targeting the app sandbox, the attacker can take complete control of the device.
You can review and manage the threat exposure and set up notifications to prompt the end user to update to a non-vulnerable app version sooner.
The Vulnerable Apps Installed threat category is in Jamf Security Cloud under . On this page you can:
Use the Threat Category filter to display the apps and versions that are vulnerable.
Select an app to view the threat description, CVE, and other details.
Select Manage Policy for the specific user to define, or manage, the event exceptions and set the controls to ignore a specific threat occurrence for an app version.
There are three types of notification for vulnerable apps:
- Admin Summary Email
Admins receive an email notification when Jamf identifies any vulnerable apps on your devices, containing details of the app and devices, and advice on how to proceed.
Note:The number of "Installs" in the email refers to the number of devices with a vulnerable app version installed.
- End User Email
When a new threat has been detected by Jamf on a user's device, they will receive an email containing the device name, threat category and name, and severity score. This email is intended to prompt the end users to update the relevant app to the latest available version.
- End User In-App
You can trigger an in-app notification for end users to receive when an app version is vulnerable to known security exploits. This informs them that they need to upgrade to the latest app version for their device, and gives them the opportunity to do so before admins receive notifications about devices that have not been upgraded.