Title

Systems must be at supported service packs (SP) or releases levels. (Cat I impact)

Discussion

Systems at unsupported service packs or releases will not receive security updates for new vulnerabilities and leaves them subject to exploitation. Systems must be maintained at a service pack level supported by the vendor with new security updates.

Check Content

From the menu bar click “Start” and then “Run”. Type “winver.exe” in the dialog box and click OK. If the "About Windows" box displays the following Service Pack(s), then this is a finding. Unsupported Service Packs: Windows Vista – any prior to SP2 Support of SP1 for Windows Vista ended 12 July 2011.

Fix Text

Update the system to a supported service pack. Application of new service packs should be thoroughly tested before deploying in a production environment.

Additional Identifiers

Rule ID: SV-29341r1_rule

Vulnerability ID: V-1073

Group Title: Unsupported Service Packs

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.