Select your location

Microsoft security update compatibility and recommendations

Eaton evaluates the applicability of Microsoft security updates to its grid automation system solution products and provides a compatibility recommendation as part of its program to help utilities meet NERC CIP requirements.

The importance of timely patch management

Timely patch management is a key requirement in ensuring the continued safe operation of control systems. For this reason, NERC CIP-007 R3 requires that utilities implement a Security Patch Management program for tracking, evaluating, testing and installing applicable cyber security software patches for all Cyber Assets within the Electronic Security Perimeter.

Many of Eaton's grid automation system solutions are based on Microsoft technology. Microsoft publishes security updates for its operating systems and applications on a regular basis. However, the deployment of a security update is a costly operation that can result in disruption of service. The decision that a utility needs to make is whether the cost of the update outweighs the risk faced from a potential attack stemming from an unpatched system.

Download previous monthly reports

As part of its program to help utilities meet NERC CIP requirements, Eaton evaluates the applicability of Microsoft security updates to its products and provides a compatibility recommendation.

These reports identify the Eaton grid automation system solutions software that has been successfully tested with Microsoft security updates, the status of Eaton’s testing and Eaton’s recommendation based on the test results.