A centralised and managed approach is used to patch or update operating systems and firmware.
Topic
How to patch security vulnerabilities
Applicable to
all
History
Priority
Should
Mar 2022
Removed
Previous iterations of the Essential Eight Maturity Model drew a distinction between how to patch ‘applications and drivers’ and ‘operating systems and firmware’. As such requirements are no longer stipulated in the Essential Eight Maturity Model, the previous six recommendations have been collapsed into one recommendation.
Oct 2019
A centralised and managed approach is used to patch or update operating systems and firmware.
Security controls 0298 and 1498 were slightly reworded to align with their associated rationale.
Sep 2019
Where possible, a centralised and managed approach is used to patch or update operating systems and firmware.
Nov 2018
Where possible, a centralised and managed approach is used to patch or update operating systems and firmware.
Added to address a gap in guidance on operating system and firmware patching.