High-Risk Applications to Patch

All University computers and electronic devices must have the security patches for the applications listed below applied as soon as possible, but not more than 30* days after availability from the vendor.

This list has been approved by the University Chief Information Officer and will be reviewed and updated each calendar quarter. Note that although these applications are a priority, all other operating system and application program security patches and updates must also be applied.

As of September 2012

  • Adobe Acrobat
  • Adobe Flash Player
  • Adobe Reader
  • Oracle/Sun Java JRE 

*Due to the increasing risk of data exposure due to malware every day after patches are released, the CIO has asked the University IT Directors to identify best practices and make a recommendation to him. The goal is to reduce the number of days to less than 30 days to reduce institutional risk.