Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
RHEL-06-000455 | RHEL-06-000455 | RHEL-06-000455_rule | Medium |
Description |
---|
Security faults with software applications and operating systems are discovered daily and vendors are constantly updating and patching their products to address newly discovered security vulnerabilities. Organizations (including any contractor to the organization) are required to promptly install security-relevant software updates (e.g., patches, service packs, hot fixes). Flaws discovered during security assessments, continuous monitoring, incident response activities, or information system error handling, must also be addressed expeditiously. |
STIG | Date |
---|---|
Red Hat Enterprise Linux 6 Security Technical Implementation Guide | 2013-02-05 |
Check Text ( C-RHEL-06-000455_chk ) |
---|
Ask an administrator if a process exists to promptly and automatically apply OS software updates. If such a process does not exist, this is a finding. |
Fix Text (F-RHEL-06-000455_fix) |
---|
Procedures to promptly apply software updates must be established and executed. The Red Hat operating system provides support for automating such a process, by running the yum program through a cron job or by managing the system and its packages through the Red Hat Network or a Satellite Server. |