Title

The DSN local system must have the current software updates and patches applied to all components. (Cat II impact)

Discussion

Many vendors provide patches or new versions of software to incorporate mitigations for newly discovered security vulnerabilities. In some cases, this is the only way to mitigate a threat to the system. Administrators are required to use the latest vendor-provided software or patch to take advantage of security enhancements. This is not the case if the new software only provides additional features or a patch only resolves an operational issue or bug.

Check Content

Review site documentation to confirm the DSN local system has the current software updates and patches applied to all components. If the current software updates and patches are not applied to all components of the DSN system, this is a finding.

Fix Text

Implement and document the DSN local system with current software updates and patches to all components.

Additional Identifiers

Rule ID: SV-9028r2_rule

Vulnerability ID: V-8531

Group Title: Software updates and patches implemented

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.