UCF STIG Viewer Logo

Development systems must be part of a patch management solution.


Finding ID Version Rule ID IA Controls Severity
V-39440 ENTD0100 SV-51298r1_rule ECSC-1 VIVM-1 Medium
Major software vendors release security patches and hotfixes to their products when security vulnerabilities are discovered. It is essential that these updates be applied in a timely manner to prevent unauthorized individuals from exploiting identified vulnerabilities.
Test and Development Zone C Security Technical Implementation Guide 2018-09-17


Check Text ( C-46715r3_chk )
Determine whether the organization has a patch management solution in place to apply security patches released by the vendor. If a patch management solution has not been implemented and is not functioning to update development systems with the latest patches, this is a finding.

If there isn't any application development occurring in the zone environment, this requirement is not applicable.
Fix Text (F-44453r2_fix)
Implement a patch management solution to keep development systems up to date with the latest security patches released by the vendor.