Ensure Software Updates are Securely Signed
Make sure software updates and patches are securely signed to verify they are authentic and untampered.
Plain language
Ensuring software updates are securely signed means making sure the updates you install are safe and come from a trusted source. This is important because if updates aren’t verified for authenticity, hackers could take control of your systems by sneaking malicious software in through those updates.
Framework
ASD Information Security Manual (ISM)
Control effect
Preventative
Classifications
NC, OS, P, S, TS
ISM last updated
Feb 2025
Control Stack last updated
19 Mar 2026
E8 maturity levels
N/A
Guideline
Guidelines for software developmentOfficial control statement
Installers, patches and updates are digitally signed or provided with cryptographic checksums as part of software development.
Why it matters
Unchecked software updates can enable attackers to inject malicious code, compromising systems and causing data breaches.
Operational notes
Verify update signatures or cryptographic checksums before install; quarantine and report any unsigned or mismatched packages.
Implementation tips
- IT team should check current software update practices: Make sure every software update process includes a step to confirm that updates come with a digital signature. This can be done by checking the update's signature before it's applied.
- Software developers should integrate code-signing certificates into their development process: Ensure every piece of software released by your organisation includes a digital signature. This involves obtaining trusted certificates from a reputable provider and using them to sign your software.
- Procurement should verify vendor security practices: Whenever purchasing new software solutions, ask vendors how they handle software update authentication. Only proceed with suppliers who can confirm they use secure update processes.
- Managers should arrange training for staff on recognising authentic software updates: Hold workshops for your team to explain the signs of legitimate software updates and what to do if they think an update might be suspicious.
- IT team should regularly review digital signatures and certificates: Schedule routine checks on the validity of certificates and replace them if they're close to expiry. Use tools that automatically alert you when signatures or certificates are invalid.
Audit / evidence tips
-
Aska list of all software used by the organisation and their update procedures
-
Askrecords of staff training sessions on software update verification
-
Askvendor security assurances: Check vendor agreements and communications for clauses about software update security
Goodincludes explicit vendor commitments to secure update practices and evidence of regular audits or security reviews
Cross-framework mappings
How ISM-1797 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.
ISO 27001
| Control | Notes | Details |
|---|---|---|
| layers Partially meets (2) expand_less | ||
| Annex A 8.19 | ISM-1797 requires installers, patches and updates to be digitally signed or accompanied by cryptographic checksums so their authenticity ... | |
| Annex A 8.24 | ISM-1797 focuses on using digital signatures or cryptographic checksums to assure the integrity and provenance of software updates | |
| handshake Supports (3) expand_less | ||
| Annex A 5.19 | ISM-1797 requires organisations to ensure installers, patches and updates are authenticated using digital signatures or cryptographic che... | |
| Annex A 5.21 | ISM-1797 requires software updates to be digitally signed or provided with cryptographic checksums to reduce the risk of tampering and co... | |
| Annex A 8.25 | ISM-1797 requires software development outputs (installers, patches and updates) to be digitally signed or distributed with cryptographic... | |
These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.