SI.L2-3.14.4 — Update malicious code protection mechanisms when new releases are available.
What this control requires
Update malicious code protection mechanisms when new releases are available.
Source: CMMC L2 v2.13 SI.L2-3.14.4 / NIST SP 800-171 R2 3.14.4 (official control text).
Why this matters
Malicious code evolves daily — new ransomware variants, zero-day exploits, and polymorphic malware bypass yesterday's defenses. This control ensures your anti-virus signatures, threat intelligence feeds, and endpoint detection rules stay current. Without frequent updates, attackers slip through stale definitions, compromising workstations, servers, and cloud workloads. Updating protection mechanisms closes the detection gap, stopping malware before it executes, exfiltrates data, or spreads laterally. This control protects the confidentiality and integrity of CUI by ensuring real-time threat intelligence reaches every endpoint and boundary.
What evidence assessors expect
Assessors typically look for: screenshot, CSV export, PDF. FORCE coaches you through the exact implementation steps and captures each artifact in-platform.
Related controls
See your live posture on SI.L2-3.14.4.
FORCE shows where you stand on this control and walks you through closing it.
Start a free trial tenant →