Skip to main content

YALE-MSS-6.1: Apply security patches regularly

Standards Group:
YALE-MSS-6: Patching

YALE-MSS-6.1: Apply security patches regularly

Low Risk Endpoint Required Moderate Risk Endpoint Required High Risk Endpoint Required Low Risk Server Required Moderate Risk Server Required High Risk Server Required Low Risk Mobile Device Required Moderate Risk Mobile Device Required High Risk Mobile Device Required Low Risk Network Printer Required Moderate Risk Network Printer Required High Risk Network Printer Required


Timely patching is critical to safeguarding the security of IT Systems and data. This includes patching your: 

  • Operating systems 
  • Supporting software 
  • Applications 

Patch your systems at least every 30 days.

  • Vendors managing Yale IT Systems or Yale Data must meet these patching requirements. 
  • If you use containers like Docker, you must meet these patching requirements. This means rebuilding and redeploying with up-to-date software every 30 days. 

Some vulnerabilities need an emergency response in patching in less than 30 days. See Yale-MSS-6.1.1 for requirements on patching based on severity and exposure.