Threat Category: Supply Chain
ID: SPC-12
Threat Description: An automated software update/patch downloader/installer can be corrupted to download malicious code and apply it to systems being sustained.1
Threat Origin
Supply Chain Attack Framework and Attack Patterns 1
Exploit Examples
Not Applicable
CVE Examples
Not Applicable
Possible Countermeasures
Use fine-grained role-based access control mechanisms and user/service roles that reduce the potential that malicious installation or upgrade packages can introduce malware outside of files and directories allocated to the associated software
Scan systems with newly integrated or updated software components for indicators of compromise prior to production use
References