Details

Major software vendors release security patches and hot fixes to their products when security vulnerabilities are discovered. It is essential that these updates be applied in a timely manner to prevent unauthorized persons from exploiting identified vulnerabilities.

The Severity code may be elevated to a Category I if patches deemed Critical have not been applied.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Apply all Microsoft security-related patches to the Windows system.

Supportive Information

The following resource is also helpful.

• http://iasecontent.disa.mil/stigs/zip/Oct2016/U_Windows_Vista_V6R41_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.

References

• 800-53|CM-6b.
• CAT|II
• CCI|CCI-000366
• Rule-ID|SV-29726r1_rule
• STIG-ID|2.019
• Vuln-ID|V-3828

Source

• Tenable.com/audits