Back

Install the most current Windows Service Pack.


CONTROL ID
01695
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Use the latest approved version of all software., CC ID: 00897

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • All software should be up-to-date to reduce potential vulnerabilities to the system. (§ 3.5.8, Australian Government ICT Security Manual (ACSI 33))
  • Service packs include major and minor fixes to the software and are released as necessary. When a service pack is released, it should be used on a test machine prior to being put into production to ensure that no bugs are present. If you do not have this capability, you should wait a couple of weeks… (Pg 9, The Center for Internet Security Windows 2000 Benchmark, 2.2.1)
  • Check to ensure that the latest Windows Service Pack is installed. If possible, test the Service Pack before installing it in your working environment. Even though it has been tested by Microsoft, there may still be problems with some software. If you do not have a test environment, wait a couple of… (§ 1.1.1, The Center for Internet Security Windows 2000 Professional Benchmark, 2.2.1)
  • Service packs include major and minor fixes to the software and are released as necessary. When a service pack is released, it should be used on a test machine prior to being put into production to ensure that no bugs are present. If you do not have this capability, you should wait a couple of weeks… (§ 9, The Center for Internet Security Windows 2000 Professional Operating System Level 2 Benchmark, 2.2.1)
  • Ensure Service Pack 4 is installed. (§ 1.1.1, The Center for Internet Security Windows 2000 Server Benchmark, 2.2.1)
  • Service packs include major and minor fixes to the software and are released as necessary. When a service pack is released, it should be used on a test machine prior to being put into production to ensure no bugs are present. Organizations without this capability should wait a couple of weeks before… (Pg 10, The Center for Internet Security Windows NT Benchmark, 1.0.5)
  • The organization must ensure that the most current Windows Service Pack is installed. Although Service Packs are generally reliable and go through extensive testing, it is possible that the service pack is not compatible with every software product on the market. If possible, test service packs in a… (§ 1.1.1, The Center for Internet Security Windows XP Professional SP1/SP2 Benchmark, 2.01)
  • The organization should ensure the most current service pack has been installed on all devices. (§ 2.3.2 (2.3.2.070), The Center for Internet Security Wireless Networking Benchmark, 1)
  • Table F-3: For Windows 2000 Professional, the organization must install all service packs. Table F-4: For Windows XP Professional, the organization must install all service packs. (Table F-3, Table F-4, CMS Business Partners Systems Security Manual, Rev. 10)
  • The most current service pack available should be installed. Service Pack 2 is the latest service pack currently available. (§ 5.1.1, DISA Windows Server 2003 Security Checklist, Version 6 Release 1.11)
  • The most current service pack for Windows Vista should be installed. The dialog box should display "Version 6.0 (Build 6000)" or greater. (§ 3.2 (2.005), DISA Windows VISTA Security Checklist, Version 6 Release 1.11)
  • The most current service pack should be installed. The dialog box should display "Version 5.1 (Build 2600…Service Pack 2)" or greater. (§ 5.1.1, § 5.12.1, DISA Windows XP Security Checklist, Version 6 Release 1.11)
  • A service pack is a major upgrade that resolves many problems. Service packs incorporate all of the hot fixes that have been released since the last service pack release. Service packs should be tested thoroughly before being installed in a production environment. (§ 4.3.2, Guidance for Securing Microsoft Windows XP Systems for IT Professionals, NIST SP 800-68, Revision 1)
  • Before configuring your Windows 2000 system, ensure that the latest Windows Service Pack has been installed. (Pg 1, NSA Guide to Securing Microsoft Windows 2000 Group Policy, Version 1.1)