Title

Systems must be at supported service pack (SP) or release levels. (Cat I impact)

Discussion

Systems at unsupported service packs or releases will not receive security updates for new vulnerabilities and leaves them subject to exploitation. Systems must be maintained at a service pack level supported by the vendor with new security updates.

Check Content

Run "winver.exe". If the "About Windows" dialog box does not display the following version or greater, this is a finding. "Microsoft Windows Version 6.1 (Build 7601: Service Pack 1)" No Release Candidates or Beta versions will be used in a production environment. The initial release of Windows 7 is unsupported as of 9 April 2013. Systems must be updated to Service Pack 1.

Fix Text

Update the system to a version of the operating system supported by the vendor. Support for Windows 2008/2008 R2 ended 14 January 2020. After this date, systems must have Windows 2012 or greater installed.

Additional Identifiers

Rule ID: SV-25257r3_rule

Vulnerability ID: V-1073

Group Title: Unsupported Service Packs

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.