Monday, November 12, 2012 4:13 PM
Sorry this is going to come across as a dumb question. And I know this seems like an odd place to ask but I'm not sure where else to ask, so please bare with me. I work for a company that has to be PCI compliant as we deal with banks. As part of our compliance we have to submit vulnerability scans quarterly. We use Symantec's CCS (ultimately rapid 7) scanning to check for vulnerabilities. A very common one across our systems is Java being out of date. For example a lot of systems report that they need Java 7 update 7. I have created a Java update with SCUP and have distributed it via SCCM to update Java 7 to update 9. How ever upon a rescan we still get critical vulnerabilities that Java 7 update 7 should be installed even though those systems definitely have Update 9 installed. So I need to know if I jump from say update 2 to update 9 will that fix the issues update 7 was suppose to fix or do I have to update Java with consecutive updates? I'm hoping that the CCS system is just being dumb.
Thank in advance for your help.
Wednesday, November 14, 2012 1:47 AMYes if you jump from update 2 to update 9, it should address the issues in update 7.
Mark D. Albin IT Master Services www.itmasterservice.com (775) 229-4254
- Marked As Answer by StSparky Wednesday, November 14, 2012 11:40 AM
Wednesday, November 14, 2012 11:40 AMThanks Mark, thats what i thought but my boss works with reports and pictures and they telling a different story. Thanks again for the confirmation.