Verify that critical patches are installed within one month and all other patches within 3 months |
If the most recent patches are not implemented on the endpoints as soon as possible, an attacker can use these exploits to attack or disable such endpoints, gain access to sensitive data stored on endpoints, or use compromised endpoints as a stepping stone to expanding the attack on other critical systems.
This Action1 query gathers status of patch installation across the entire network of endpoints and verifies, per PCI DSS mandates, that all vendor-supplied critical patches are be deployed within 30 days. If any critical patches are missing, such endpoints are flagged as non-compliant and Action1 brings them to your attention. Non-critical patches must also be deployed, but PCI DSS standard is vague in terms of timeframe (this query uses 3 months by default).
Sign-up for Action1 Free Edition to streamline compliance efforts for your network of endpoints. Such as you can simplify assessments of 6.2.b: Timely Deployment of Vendor-Supplied Patches for your internal or external auditors, create instant or regular compliance reports that prove your compliance while reducing the costs. Action1 Endpoint Security Platform is entirely SaaS, with online web interface (no management tools to install) and it has zero cost for basic functionality. Running in the Cloud, Action1 discovers all of your endpoints within seconds and allows you to pass compliance audits and maintain continuous compliance with ease.
Respond to Threatsin Real-Time
Ask questions in plain English such as "list of installed software" or "all running processes".
Get answers instantly from live systems or subscribe to real-time alerts.
Keywords: Verify that critical patches are installed within one month and all other patches within 3 months,Action1 6.2.b: Timely Deployment of Vendor-Supplied Patches.
Find more information on 6.2.b: Timely Deployment of Vendor-Supplied Patches at Microsoft TechNet.