SI-2(6)
SI-2(6): Removal of Previous Versions of Software / Firmware
The organization removes [organization-defined software and firmware components] after updated versions have been installed.
Supplemental
Previous versions of software and/or firmware components that are not removed from the information system after updates have been installed may be exploited by adversaries. Some information technology products may remove older versions of software and/or firmware automatically from the information system.
CIA Levels | |
---|---|
Confidentiality | unknown |
Integrity | high |
Availability | unknown |
Overlays |
---|
None |
CSF Categories |
---|
None |