An approach for patching or updating operating systems and firmware that ensures the integrity and authenticity of patches or updates, as well as the processes used to apply them, is used.
Topic
How to patch security vulnerabilities
Applicable to
all
History
Priority
Must
Mar 2022
Removed
Previous iterations of the Essential Eight Maturity Model drew a distinction between how to patch ‘applications and drivers’ and ‘operating systems and firmware’. As such requirements are no longer stipulated in the Essential Eight Maturity Model, the previous six recommendations have been collapsed into one recommendation.
Nov 2018
An approach for patching or updating operating systems and firmware that ensures the integrity and authenticity of patches or updates, as well as the processes used to apply them, is used.
Added to address a gap in guidance on operating system and firmware patching.