Check: WN11-00-000040
Microsoft Windows 11 STIG:
WN11-00-000040
(in version v2 r2)
Title
Windows 11 systems must be maintained at a supported servicing level. (Cat I impact)
Discussion
Windows 11 is maintained by Microsoft at servicing levels for specific periods of time to support Windows as a Service. Systems at unsupported servicing levels or releases will not receive security updates for new vulnerabilities which leaves them subject to exploitation. New versions with feature updates are planned to be released on a semi-annual basis with an estimated support timeframe of 18 to 30 months depending on the release. Support for previously released versions has been extended for Enterprise editions. A separate servicing branch intended for special purpose systems is the Long-Term Servicing Channel (LTSC, formerly Branch - LTSB) which will receive security updates for 10 years but excludes feature updates.
Check Content
Run "winver.exe". If the "About Windows" dialog box does not display "Microsoft Windows 11 Version 22H2 (OS Build 22621.380)" or greater, this is a finding.
Fix Text
Update systems on the Semi-Annual Channel to "Microsoft Windows 11 Version 22H2 (OS Build 22621.380)" or greater.
Additional Identifiers
Rule ID: SV-253263r1016364_rule
Vulnerability ID: V-253263
Group Title: SRG-OS-000480-GPOS-00227
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
Implement the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |