Ensure that the latest OS patches (critical security and system updates) are being applied to all your Microsoft Azure virtual machines (Windows and Linux) in order to improve the operating system (OS) general stability, address a specific bug or flaw, or fix a security vulnerability.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
Azure Security Center retrieves a list of available security and critical updates from Windows Update or Windows Server Update Services (WSUS), depending on the service configured on your virtual machines (VMs). The Security Center service also checks for the latest updates within Linux systems. If one of your virtual machines is missing a system update, Azure Security Center will recommend updating the VM's operating system. Cloud Conformity strongly recommends applying the latest system updates/OS patches as soon as these become available, in order to improve your VM's security, functionality, and performance.
Audit
To determine if your Azure VMs have the latest system updates installed, perform the following actions:
Note: Checking your Microsoft Azure virtual machines to find out if they have the latest system updates installed using Azure Command Line Interface (CLI) is not currently supported.Remediation / Resolution
To apply the latest OS patches (critical security and system updates) to all your Microsoft Azure virtual machines following Azure Security Center recommendations, perform the following actions:
Note: Applying the latest OS patches for your Azure virtual machines (VMs) using the Azure Command Line Interface (CLI) is not currently supported.