1.2.2.1 Ensure updates, patches, and additional security software are installed

Information

Periodically patches are released for included software either due to security flaws or to include additional functionality.

Newer patches may contain security enhancements that would not be available through the latest full update. As a result, it is recommended that the latest software patches be used to take advantage of the latest functionality. As with any software installation, organizations need to determine if a given update meets their requirements and verify the compatibility and supportability of any additional software against the update revision that is selected.

Solution

Run the following command to update all packages following local site policy guidance on applying updates and patches:

# apt update

# apt upgrade
- OR -
# apt dist-upgrade

See Also

https://workbench.cisecurity.org/benchmarks/18960

Item Details

Category: RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|RA-5, 800-53|SI-2, 800-53|SI-2(2), CSCv7|3.4, CSCv7|3.5

Plugin: Unix

Control ID: 2ea25f13ad125a94cfef9180241f7ff7b9e938f2553073b2bb27a6064aba0381