My organization follows a restrictive or conservative change management strategy, should we install all the missing security patches and updates?
In the case of patches, Security_patch_check will recommend the “best” patch required to fix the security vulnerability. If a 2 or 3 star (“HP Recommended”) patch is available from the Patch Database to resolve the security issue, it will be identified. In some cases there will be no 2 or 3 star patch and in those cases, a 1 star patch may be identified. As in all changes to the environment, the risk of installing a 1 star patch must be weighed against the risk associated with not resolving the security vulnerability. In the case of updates. SPC will recommend release-quality updates or clearly labeled interim releases. HP strongly recommends customers perform all actions recommended in security bulletins. For more information on the patch rating system, see the section entitled “defining best available patches.
Related Questions
- How can web-based information management systems help our church/organization comply with the security related issues of Canada’s Personal Information Protection and Electronic Documents Act?
- My organization follows a restrictive or conservative change management strategy, should we install all the missing security patches and updates?
- My organization follows a restrictive or conservative change management strategy, should we install all the missing security patches?
