AzPolicyAdvertizer

last sync: 2025-Jul-03 17:22:55 UTC

[Deprecated]: System updates should be installed on your machines

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

[Deprecated]: System updates should be installed on your machines

86b3d65f-7626-441e-b690-81a8b71cff60

Version

4.1.0-deprecated
Details on versioning

Versioning

Versions supported for Versioning: 2
4.1.0 (4.1.0-deprecated)
4.0.0
Built-in Versioning [Preview]

Category

Security Center
Microsoft Learn

Description

Missing security system updates on your servers will be monitored by Azure Security Center as recommendations

Cloud environments

AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown

Available in AzUSGov

The Policy is available in AzureUSGovernment cloud. Version: '3.1.0-deprecated'
Repository: Azure-Policy 86b3d65f-7626-441e-b690-81a8b71cff60

Mode

All

Type

BuiltIn

Preview

False

Deprecated

True

Effect

Default
Disabled
Allowed
AuditIfNotExists, Disabled

RBAC role(s)

none

Rule aliases

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.Security/assessments/status.code	Microsoft.Security	assessments	properties.status.code	True		False

Rule resource types

IF (2)

Microsoft.ClassicCompute/virtualMachines
Microsoft.Compute/virtualMachines

Compliance

The following 1 compliance controls are associated with this Policy definition '[Deprecated]: System updates should be installed on your machines' (86b3d65f-7626-441e-b690-81a8b71cff60)

Control Domain	Control	Name	MetadataId	Category	Title	Owner	Requirements	Description	Info	Policy#
Azure_Security_Benchmark_v2.0	PV-7	Azure_Security_Benchmark_v2.0_PV-7	Azure Security Benchmark PV-7	Posture and Vulnerability Management	Rapidly and automatically remediate software vulnerabilities	Customer	Rapidly deploy software updates to remediate software vulnerabilities in operating systems and applications. Use a common risk scoring program (for example, Common Vulnerability Scoring System) or the default risk ratings provided by your third-party scanning tool and tailor to your environment, taking into account which applications present a high security risk and which ones require high uptime. Use Azure Automation Update Management or a third-party solution to ensure that the most recent security updates are installed on your Windows and Linux VMs. For Windows VMs, ensure Windows Update has been enabled and set to update automatically. For third-party software, use a third-party patch management solution or System Center Updates Publisher for Configuration Manager. How to configure Update Management for virtual machines in Azure: https://docs.microsoft.com/azure/automation/automation-update-management Manage updates and patches for your Azure VMs: https://docs.microsoft.com/azure/automation/automation-tutorial-update-management	n/a	link	2

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type	polSet in AzUSGov
[Deprecated]: Azure Security Benchmark v2	bb522ac1-bc39-4957-b194-429bcd3bcb0b	Regulatory Compliance	Deprecated	BuiltIn	true

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2024-10-07 17:51:17	change	Minor, new suffix: deprecated (4.0.0 > 4.1.0-deprecated)
2021-03-09 14:37:41	change	Major (3.0.0 > 4.0.0)
2021-01-05 16:06:49	change	Major (2.0.0 > 3.0.0)

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC