NIST 800-53 REV 5 • SYSTEM AND INFORMATION INTEGRITY

SI-2(6) Removal of Previous Versions of Software and Firmware

Remove previous versions of {{ insert: param, si-02.06_odp }} after updated versions have been installed.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Supplemental Guidance

Previous versions of software or firmware components that are not removed from the system after updates have been installed may be exploited by adversaries. Some products may automatically remove previous versions of software and firmware from the system.

Practitioner Notes

Remove previous versions of software and firmware after updates are installed to eliminate the risk of reverting to a vulnerable version.

Example 1: After applying Windows updates, run Disk Cleanup to remove old update files and previous Windows installation files. Use DISM commands to clean up the component store so that superseded update components can no longer be used to roll back to vulnerable versions.
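The DISM and Disk Cleanup steps from Example 1 as one script, added here as an illustration and not part of the NIST control text. It assumes an elevated PowerShell session on Windows 10/11 or Windows Server with the desktop experience (cleanmgr.exe is absent on Server Core), and the StateFlags0099 registry value and sagerun profile number 99 are arbitrary choices for the unattended Disk Cleanup run.

```powershell
# Added example: remove superseded update components and the previous Windows
# installation after updates have been validated. Run elevated.
# Assumptions: DISM and cleanmgr.exe are available; profile number 99 is arbitrary.

$ErrorActionPreference = 'Stop'

# 1. Record how much superseded content the component store holds before cleanup.
Write-Host '== Component store analysis (before cleanup) =='
& dism.exe /Online /Cleanup-Image /AnalyzeComponentStore
if ($LASTEXITCODE -ne 0) { throw "DISM analysis failed with exit code $LASTEXITCODE" }

# 2. Remove superseded component versions. /ResetBase also discards the rollback
#    data for installed updates, which is what makes the previous versions
#    unavailable. This is irreversible, so only run it once the update set is
#    known to be stable.
Write-Host '== Removing superseded components =='
& dism.exe /Online /Cleanup-Image /StartComponentCleanup /ResetBase
if ($LASTEXITCODE -ne 0) { throw "DISM cleanup failed with exit code $LASTEXITCODE" }

# 3. Remove a previous Windows installation left behind by a feature update.
#    Windows.old is owned by the system, so it is removed through Disk Cleanup's
#    "Previous Windows installation(s)" handler rather than Remove-Item; the
#    StateFlags value pre-selects that handler for an unattended /sagerun.
$oldInstall = Join-Path $env:SystemDrive 'Windows.old'
if (Test-Path $oldInstall) {
    Write-Host "Previous installation found at $oldInstall; running Disk Cleanup"
    $flagKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\Previous Installations'
    New-ItemProperty -Path $flagKey -Name 'StateFlags0099' -Value 2 -PropertyType DWord -Force | Out-Null
    Start-Process -FilePath 'cleanmgr.exe' -ArgumentList '/sagerun:99' -Wait
} else {
    Write-Host 'No previous Windows installation directory present.'
}

# 4. Re-run the analysis so the after state is captured alongside the before state.
Write-Host '== Component store analysis (after cleanup) =='
& dism.exe /Online /Cleanup-Image /AnalyzeComponentStore
```

If the first analysis reports a pending reboot, restart before running the cleanup, since DISM will not remove components while a servicing operation is still pending.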

Example 2: For firmware updates on network devices, after confirming the new firmware is working correctly, delete the old firmware image from the device's storage. This prevents an attacker from rolling back to a known-vulnerable firmware version.