Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST Released DRAFT Special Publication 800-40 Revision 3, Guide to Enterprise Patch Management Technologies
September 05, 2012

NIST announces the public comment release of draft NIST Special Publication (SP) 800-40 Revision 3Guide to Enterprise Patch Management Technologies. Patch management is the process for identifying, acquiring, installing, and verifying patches for products and systems. This publication is designed to assist organizations in understanding the basics of enterprise patch management technologies. It explains the importance of patch management and examines the challenges inherent in performing patch management. It provides an overview of enterprise patch management technologies and it also briefly discusses metrics for measuring the technologies' effectiveness. Draft NIST SP 800-40 Revision 3 replaces the previous release (version 2), which was published in 2005. 

Comment period CLOSED on: October 5, 2012. Send email to:, 

Related Topics

Security and Privacy: patch management

Created December 22, 2016, Updated June 22, 2020