An approach for patching or updating applications and drivers that ensures the integrity and authenticity of patches or updates, as well as the processes used to apply them, is used.
Topic
How to patch security vulnerabilities
Applicable to
all
History
Priority
must
Mar 2022
Removed
Previous iterations of the Essential Eight Maturity Model drew a distinction between how to patch ‘applications and drivers’ and ‘operating systems and firmware’. As such requirements are no longer stipulated in the Essential Eight Maturity Model, the previous six recommendations have been collapsed into one recommendation.
2017
An approach for patching operating systems, applications, drivers and hardware devices thatensures the integrity and authenticity of patches, as well as the processes used to applythem, must be used.
Control Text Changed. No public explaination.
2015
Agencies must use an approach for patching operating systems, applications, drivers andhardware devices that ensures the integrity and authenticity of patches as well as theprocesses used to apply them.
2010
Agencies must ensure that any firmware updates are performed in a manner that verifies the integrity andauthenticity of the updating process.
2008
Agencies must ensure that any firmware updates are performed in accordance with their change management procedures and in a manner that verifies the integrity and authenticity of the updating process.