An automated mechanism is used to confirm and record that deployed operating system and firmware patches or updates have been installed, applied successfully and remain in place.
Topic
How to patch security vulnerabilities
Applicable to
all
History
Priority
Must
Mar 2022
Removed
Previous iterations of the Essential Eight Maturity Model drew a distinction between how to patch ‘applications and drivers’ and ‘operating systems and firmware’. As such requirements are no longer stipulated in the Essential Eight Maturity Model, the previous six recommendations have been collapsed into one recommendation.
Nov 2018
An automated mechanism is used to confirm and record that deployed operating system and firmware patches or updates have been installed, applied successfully and remain in place.
Added to address a gap in guidance on operating system and firmware patching.