Security Patches

The application of security patches is scheduled to limit interference with users.

The required deployment schedule for security patches is as follows:

.
.
.

The application of security patches for 3rd party vendor managed servers is dependent on vendor
SLA’s

 

Severity

 

Timeframe

Emergency Security Patch (ESP)

 

 24 Hours

1-High

 

30 days or less

2-Medium

 

 60 days or less

3-Low

 

90 days or less

 

Security patch – Code that will update the current version of a script or software, often used to fix a
bug, update security, or add a new feature or new functionality (includes service packs, hotfixes, etc.).
Severity – This is the level of importance of the security patch as defined by the vendor.
Priority – This is the level of importance of the security patch as defined by UConn. This includes a
timeframe for the expected installation of the security patch.