The system must support automated patch management tools to facilitate flaw remediation to organization defined information system components.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-36735 | WN08-GE-000029 | SV-48384r2_rule | VIVM-1 | Medium |
| Description |
|---|
| The organization (including any contractor to the organization) must promptly install security-relevant software updates (e.g., patches, service packs, hot fixes). Flaws discovered during security assessments, continuous monitoring, incident response activities, or information system error handling must also be addressed. |
| STIG | Date |
|---|---|
| Windows 8/8.1 Security Technical Implementation Guide | 2018-02-12 |
Details
| Check Text ( C-45053r1_chk ) |
|---|
| Verify the organization has an automated process to install security-related software updates. If it does not, this is a finding. |
| Fix Text (F-41515r1_fix) |
|---|
| Establish a process to automatically install security-related software updates. |