Automatically updating and running malware prevention software

Malware protection systems automatically check for and install updates at desired intervals and also run the desired scans at the selected frequency without needed user actions.

The organisation has to make sure that all licensed software are updated with in 14 days of the update coming live when:

• The update fixes vulnerabilities that are considered critical or high risk
• Supplier does not release details about the severity of the vulnerability

The organization shall ensure that security systems that detect vulnerabilities and key information (such as Threat Signature) that may be used in them are updated at least weekly.

Updates should focus on enabling automation and monitoring for malfunctions.

The organization must make sure that data systems are maintained and updated according to the manufacturer guidelines

Organisations should regularly check for new versions of used open-source code. Ideally, this process is automated. New versions of open-source code can often contain new security functions, security patches, etc.

All externally acquired products and services should be regularly checked for the need of acquiring patches, updates and or upgrades for software and hardware.

These revisions should be acquired only from trusted providers, as well as ensured that the maintenance is only performed by the approved supplier personnel and unauthorized changes are denied.

The provenance, authenticity and integrity of these products and services has to be also confirmed and required by organizational policies and kept intact.

Any compromises in security or need for patches should be reported to leaders and relevant parties promptly.

Software updates should have a management process in place to ensure that the latest approved patches and application updates are installed on all approved software. Earlier versions of software should be retained as a precaution.

Once a vulnerability is identified, suppliers often have significant pressure to release patches as soon as possible. Therefore, the patch may not adequately address the issue and may have harmful side effects.

In evaluating patches, e.g. the following things should be taken into account:

• whether the patch can be pre-tested properly?
• whether it is wise to expect experience from other repairers?
• whether the patch is available from a trusted source?
• what are the risks of installing the patch and delaying the installation?
• whether other actions are needed, such as disabling vulnerability features, increasing monitoring, or reporting about the vulnerability