AzPolicyAdvertizer

last sync: 2024-Oct-21 17:52:17 UTC

[Deprecated]: System updates should be installed on your machines

Azure BuiltIn Policy definition

Source Azure Portal
Display name [Deprecated]: System updates should be installed on your machines
Id 86b3d65f-7626-441e-b690-81a8b71cff60
Version 4.1.0-deprecated
Details on versioning
Versioning Versions supported for Versioning: 2
4.0.0
4.1.0 (4.1.0-deprecated)
Built-in Versioning [Preview]
Category Security Center
Microsoft Learn
Description Missing security system updates on your servers will be monitored by Azure Security Center as recommendations
Mode All
Type BuiltIn
Preview False
Deprecated True
Effect Default
Disabled
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases THEN-ExistenceCondition (1)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Security/assessments/status.code Microsoft.Security assessments properties.status.code True False
Rule resource types IF (2)
Microsoft.ClassicCompute/virtualMachines
Microsoft.Compute/virtualMachines
Compliance
The following 1 compliance controls are associated with this Policy definition '[Deprecated]: System updates should be installed on your machines' (86b3d65f-7626-441e-b690-81a8b71cff60)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
Azure_Security_Benchmark_v2.0 PV-7 Azure_Security_Benchmark_v2.0_PV-7 Azure Security Benchmark PV-7 Posture and Vulnerability Management Rapidly and automatically remediate software vulnerabilities Customer Rapidly deploy software updates to remediate software vulnerabilities in operating systems and applications. Use a common risk scoring program (for example, Common Vulnerability Scoring System) or the default risk ratings provided by your third-party scanning tool and tailor to your environment, taking into account which applications present a high security risk and which ones require high uptime. Use Azure Automation Update Management or a third-party solution to ensure that the most recent security updates are installed on your Windows and Linux VMs. For Windows VMs, ensure Windows Update has been enabled and set to update automatically. For third-party software, use a third-party patch management solution or System Center Updates Publisher for Configuration Manager. How to configure Update Management for virtual machines in Azure: https://docs.microsoft.com/azure/automation/automation-update-management Manage updates and patches for your Azure VMs: https://docs.microsoft.com/azure/automation/automation-tutorial-update-management n/a link 2
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type
[Deprecated]: Azure Security Benchmark v2 bb522ac1-bc39-4957-b194-429bcd3bcb0b Regulatory Compliance Deprecated BuiltIn
History
Date/Time (UTC ymd) (i) Change type Change detail
2024-10-07 17:51:17 change Minor, new suffix: deprecated (4.0.0 > 4.1.0-deprecated)
2021-03-09 14:37:41 change Major (3.0.0 > 4.0.0)
2021-01-05 16:06:49 change Major (2.0.0 > 3.0.0)
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC