Patch Update failure. We hear it all the time! Reports cite that 75% of attacks use publicly known vulnerabilities in commercial software. These attacks can be prevented if the software is patched regularly. If you are running an outdated version of a software on your network, you are obviously vulnerable to security compromises.
Consider the recent breach at Adobe®. Part of the break-in involved some known vulnerabilities with their Acrobat® Reader® and their ColdFusion® Web application platform which resulted in the theft of source code.
Missing the security approach
One of the main reasons for the security breach could be patch management. In most cases, we see patches as more of an operational routine without considering the security aspects. Taking a security approach with patches gives you the perspective of what patches to apply and when.
Do you test the patches before deploying to your network?
For most vulnerabilities, the fixes become available pretty quickly but they need to undergo a risk assessment and compatibility check before they are deployed. It would be advisable to employ a patch management software that researches, scripts, packages, and tests patches for common 3rd-party applications. Then it delivers ready-to-deploy patches. Also, you need to create advanced before-and-after package deployment scenarios to ensure that complicated patches, such as Oracle® Java® deploy successfully without using any complex scripting.
Do you prioritize your patches?
You don’t necessarily need to update all the applications in all your devices in your network in the first batch. However, make sure that you patch your critical security vulnerabilities ahead of other patches. If you do not prioritize, test, or make risk assessments on your patches, you increase the chances that your patch management will fail.
There are situations where organizations do not clearly understand the limitations of their existing solutions and need to extend their capabilities with the help of add-on solutions. For example, if you are using Microsoft System Center Configuration Manager (SCCM), you need to understand that it is not a complete solution for your patch issues as they leave a gap when it comes to non-Microsoft applications. This means that you are still vulnerable when it comes to 3rd-party applications and the consequences of such vulnerabilities, if exploited, can have a devastating impact upon your IT environment. Having an efficient patch management software would help extend the power of SCCM and also manage 3rd-party patches.
Lastly, you need to ensure that your patch manager is capable of alerting you when your patch updates are unsuccessful, i.e. they need to be able to send you notifications on the unsuccessful patch updates.
Stay secure folks!