The application of security patches is scheduled to limit interference with users.
The required deployment schedule for security patches is as follows:
.
.
.
The application of security patches for 3rd party vendor managed servers is dependent on vendor
SLA’s
|
Severity |
|
Timeframe |
|
Emergency Security Patch (ESP) |
|
24 Hours |
|
1-High |
|
30 days or less |
|
2-Medium |
|
60 days or less |
|
3-Low |
|
90 days or less
|
Security patch – Code that will update the current version of a script or software, often used to fix a
bug, update security, or add a new feature or new functionality (includes service packs, hotfixes, etc.).
Severity – This is the level of importance of the security patch as defined by the vendor.
Priority – This is the level of importance of the security patch as defined by UConn. This includes a
timeframe for the expected installation of the security patch.