An organization's mobile device inventory recently provided notification that a zero-day vulnerability was identified in the code used to control the baseband of the devices. The device manufacturer is expediting a patch, but the rollout will take several months. Additionally, several mobile users recently returned from an overseas trip and report their phones now contain unknown applications, slowing device performance. Users have been unable to uninstall these applications, which persist after wiping the devices. Which of the following MOST likely occurred and provides mitigation until the patches are released?
A) Unauthentic firmware was installed; disable OTA updates and carrier roaming via MDM
B) Users opened a spear-phishing email; disable third-party application stores and validate all signed code prior to execution
C) An attacker downloaded monitoring applications; perform a full factory reset of the affected devices
D) Users received an improperly encoded emergency broadcast message, leading to an integrity loss condition; disable emergency broadcast messages

Question

Quizplus · Accepted Answer

The scenario suggests that unauthorized firmware was installed on the devices, likely through a compromised baseband vulnerability. Disabling OTA updates and carrier roaming via MDM can help mitigate further unauthorized changes until the patch is available.

An Organization's Mobile Device Inventory Recently Provided Notification That a Zero-Day