SlideShare une entreprise Scribd logo

Patch management

GFI Software
GFI Software

Managing and administering software updates remains one of the most challenging and resource-intensive tasks an IT Department undertakes on a daily basis. This white paper examines the important role played by patch management to help organizations keep their PC real estate fully up-to-date with the latest security patches, without unduly compromising reliability, productivity, security and data integrity.

Technologie
1  sur  7
Télécharger pour lire hors ligne
GFI White Paper Patch management: Fixing vulnerabilities before they are exploited Managing and administering software updates remains one of the most challenging and resource-intensive tasks an IT Department undertakes on a daily basis. This white paper examines the important role played by patch management to help organizations keep their PC real estate fully up-to-date with the latest security patches, without unduly compromising reliablity, productivity, security and data integrity.
Contents Introduction 3 Importance of patch management 3 Balancing security with reliability 4 Solutions for effective patch management 5 Summary 5 About GFI® 6 Patch management - Fixing vulnerabilities before they are exploited 2
Introduction Managing and administering software updates remains one of the most challenging and resource-intensive tasks an IT Department undertakes on a daily basis. While software updates serve many important roles, be it delivering feature improvements or fixing bugs and security vulnerabilities, they bring with them a number of potential challenges for the IT Department in terms of ensuring systems are up-to-date, new problems are not introduced by patches designed to fix things, and updates do not create compatibility or instability issues. All this needs to be done while ensuring that updates are pushed to PCs as quickly as possible to prevent vulnerabilities being exploited. The constantly evolving software landscape makes patch management an important consideration for all IT decision makers, regardless of organization size. Software that is not kept up-to-date with the latest patches and version updates runs the risk of creating weak points in your organization’s security strategy, placing servers and client devices at risk from exploitation by malware, hacking attacks, as well as increasing the risk of reliability-based failure and data loss. The number of vulnerabilities in software commonly found on client PCs grew by 71 percent between 2009 and 2010 . This jump is due in large part to problems occurring within third-party applications, rather than with issues directly related to the underlying Windows operating system (OS) or Microsoft-produced application software. Effective patch management improves reliability and IT efficiency, automating many of the administrative tasks associated with deploying software updates while minimizing the amount of downtime associated with patch deployment, patch auditing and patch roll-back. Importance of patch management The process of keeping a PC or a server fully patched is easier today than ever, thanks in part to the moves of several key software vendors to build automated updates checking into their applications, as well as the highly-developed Microsoft update service, which can download and, in many cases, install updates in the background without requiring user input or a system reboot. Nonetheless, the installation of patches, if left solely to the user, can be overlooked, leading to known vulnerabilities being left unaddressed and ripe for exploitation. By virtue of being an application and OS vendor, Microsoft attracts the most attention when it comes to issuing and installing software updates. However, the majority of known application vulnerabilities continue to come from third parties, while the smallest percentage of threats resides in the OS itself. The implications of third-party software on PC security and reliability is further challenged by the role of browser plug-ins, media player codecs and other bolt-on codes that works in conjunction with an existing application or system service. The vulnerability challenges posed by third-party applications can best be illustrated by looking at the most targeted applications. Using 2010 data from the US National Vulnerability Database, we can see that of the top 10 applications targeted for vulnerabilities, ranked by total number of targeted vulnerabilities, nine were third- party applications: »» Google Chrome – 152 targeted vulnerabilities »» Apple Safari – 122 targeted vulnerabilities »» Mozilla Firefox – 103 targeted vulnerabilities »» Apple Webkit – 94 targeted vulnerabilities »» Mozilla Seamonkey – 77 targeted vulnerabilities »» Adobe Reader – 60 targeted vulnerabilities »» Mozilla Thunderbird - 60 targeted vulnerabilities »» Adobe Flash Player – 59 targeted vulnerabilities Patch management - Fixing vulnerabilities before they are exploited 3
»» Microsoft Internet Explorer - 59 targeted vulnerabilities »» Adobe Acrobat – 57 targeted vulnerabilities. Microsoft Internet Explorer, the highest ranked Microsoft application, was also the highest ranked OS-installed application on the list sharing sixth place with Adobe Reader. Microsoft Office, the company’s highest- placed add-on software product, placed 11th. Oracle’s Java Runtime Environment, often targeted when vulnerabilities are revealed by the release of a patch, placed 12th. The data also illustrates how web browsers continue to be the weakest point when it comes to software- based vulnerabilities. In terms of operating systems, various versions of Microsoft Windows dominate the field by virtue of the sheer market penetration of the OS, while Linux and both the server and desktop versions of Mac OS X follow very close behind. In fact, in 2010 the desktop versions of Mac OS X experienced 96 targeted vulnerabilities compared to 88 for Windows Vista and 66 for Windows 7, the latest incarnation of the OS. Managing software updates and critical patch deployment manually will quickly increase the maintenance overhead associated with applications and the operating systems they run on, to the point of overwhelming the IT team. For example, the volume of software updates and critical vulnerability patches issued by the average vendor varies, but in the case of market leader Microsoft, the size of its monthly ‘Patch Tuesday’ software update payload can be significant. In April 2011 alone, Microsoft delivered 64 critical fixes across 17 software updates, while the previous month it fixed just four known flaws with three updates. In February 2011, Adobe patched 42 known bugs and vulnerabilities in its Adobe Reader and Flash products, while Oracle patched 73 known security vulnerabilities across its entire product line in April 2011. The latter is an example of how complex patch management can be if not automated, as Oracle’s patching applied to both organically-developed products as well as a number of high-profile acquired products that still sit outside the core Oracle code set such as JD Edwards, PeopleSoft, Siebel and OpenOffice. These are just a few examples of a much larger software patching landscape that affects all software vendors. These are also examples of how little predictability there is in the volume of severity of the patches being issued; and with it the resources that will be needed to ensure they are installed. Balancing security with reliability Various steps have been taken by operating system and application vendors to simplify the process and to minimize the window during which a machine is exposed to a known application or underlying OS vulnerability, such as integrating automated update download mechanisms and pop-up windows to alert users on the availability of a new update, as well as offering educational notes on why the user needs to deploy the update. Such services have a weakness in that they rely on users who actively connect to the Internet and allow updates to be downloaded and installed. The ease with which end-users can update their own machines, coupled with the benefits of encouraging them to do so, also means that the IT department needs to maintain visibility of what patches have been installed in the event that a problem arises. Even a fully-patched machine can present problems for both the user and the business. For example, in February 2010 Microsoft issued a patch for Windows XP, called MS10-015. The patch, intended to fix long- standing security vulnerabilities in the OS, was found to create significant system instability in certain configurations of PCs, leading to the unrecoverable ‘Blue Screen of Death’ Windows error. The error led to the temporary suspension of the patch from Microsoft’s Windows Update patch download service while the instability issues were investigated and fixed. For users that had already installed the patch, the most prudent cause of action was to uninstall the patch and roll the system back to the previous good state. Patch management - Fixing vulnerabilities before they are exploited 4
The ability to roll back a patch is essential to ensure a swift remediation of software problems caused by the installation of a software update. There are numerous reasons why an organization might need or choose to revoke a software update that has been pushed out by a vendor and installed: »» Instability – As with the example above, the wide range of potential configurations and software combinations on a PC can mean that even a well-tested software patch can cause a machine or application to malfunction after installation. »» Compatibility – Upgrades can create problems including implementing changes to file formats, database structures, storage formats and communication protocols that have not been carried through the IT estate, or which have not been adopted by a customer or supplier, thus breaking workflow. »» Driver clashes – In instances where the software update makes extensive changes to the way the software interfaces with hardware, it may be necessary to uninstall a patch and hold off deploying until hardware drivers have been updated to restore compatibility with the operating system or application. While other solutions exist for patch management, such as Microsoft’s own Windows Server Update Services (WSUS), these solutions are usually limited in both their scope and ability to automate the patch management process. In the case of WSUS, patch management is limited to only Microsoft applications and system patches issued through the Microsoft Update framework. Third party solutions are not catered for, while the ability to revoke and remove a patch that has already been installed is reliant on the operating system, successfully creating a Microsoft Restore Point at the time the patch was added, meaning that rolling back a system can result in other perfectly working third party applications being uninstalled in the process. Solutions for effective patch management The integrated mechanisms for delivering patches and other software updates to applications and operating systems form just one part of the process. For any organization, the key is to deploy an all-encompassing patch management solution that can automate the process of managing patch deployment and provide quick and easy visibility of the current state of patching on all machines. A solution such as GFI LanGuard™ delivers complete suite of patch management tools in one application. With it, IT administrators can monitor the IT estate to provide a single view of what has been installed on each connected client or server, and trigger automated detection, downloading and deployment of missing patches to ensure a machine is fully patched before it becomes a problem. This approach ensures that known vulnerabilities are addressed before they are exploited; and therefore drastically reduces the maintenance burden placed on IT personnel. In addition, the patch management solution should provide administrators with an effective means to roll-back problematic patches, returning the machine to its pre-patch state in the event of compatibility or instability issues arising after the installation of an update. This feature is independent of Microsoft’s Restore Point technology and applies to both system and third party patches. Summary The process of patch management has, over time, been complicated by the growth in operating system and application patches, along with driver updates, many of which are delivered to servers and clients via vendor- operated automated update services but without the safety net of pre-testing to ensure broad compatibility and stability with a wide range of custom configurations of server or desktop PC. Patch management plays a critical role in ensuring that companies can keep their PC real estate fully up- to-date with the latest security patches and software updates, without unduly compromising reliability, productivity, security and data integrity. A robust patch management solution that combines swift roll-back of problem patches with a single view of what patches are installed on machines across the organization, is a critical component of both software management and IT security strategies. As part of a wider IT security policy, such a solution will ensure that applications are not placed at unnecessary risk, while ensuring that a policy of encouraging end-users to accept and install critical updates at the first possible opportunity can be maintained. Patch management - Fixing vulnerabilities before they are exploited 5
About GFI GFI Software provides web and mail security, archiving, backup and fax, networking and security software and hosted IT solutions for small to medium-sized enterprises (SMEs) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy and a strong focus on the unique requirements of SMEs, GFI satisfies the IT needs of organizations on a global scale. The company has offices in the United States (North Carolina, California and Florida), UK (London and Dundee), Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold Certified Partner. More information about GFI can be found at http://www.gfi.com. Patch management - Fixing vulnerabilities before they are exploited 6
USA,»CANADA»AND»CENTRAL»AND»SOUTH»AMERICA 15300 Weston Parkway, Suite 104, Cary, NC 27513, USA Telephone: +1 (888) 243-4329 Fax: +1 (919) 379-3402 ussales@gfi.com UK»AND»REPUBLIC»OF»IRELAND Magna House, 18-32 London Road, Staines, Middlesex, TW18 4BP, UK Telephone: +44 (0) 870 770 5370 Fax: +44 (0) 870 770 5377 sales@gfi.co.uk EUROPE,»MIDDLE»EAST»AND»AFRICA GFI House, San Andrea Street, San Gwann, SGN 1612, Malta Telephone: +356 2205 2000 Fax: +356 2138 2419 sales@gfi.com AUSTRALIA»AND»NEW»ZEALAND 83 King William Road, Unley 5061, South Australia Telephone: +61 8 8273 3000 Fax: +61 8 8273 3099 sales@gfiap.com Disclaimer © 2011. GFI Software. All rights reserved. All product and company names herein may be trademarks of their respective owners. The information and content in this document is provided for informational purposes only and is provided “as is” with no warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, and non-infringement. GFI Software is not liable for any damages, including any consequential damages, of any kind that may result from the use of this document. The information is obtained from publicly available sources. Though reasonable effort has been made to ensure the accuracy of the data provided, GFI makes no claim, promise or guarantee about the completeness, accuracy, recency or adequacy of information and is not responsible for misprints, out- of-date information, or errors. GFI makes no warranty, express or implied, and assumes no legal liability or responsibility for the accuracy or completeness of any information contained in this document. If you believe there are any factual errors in this document, please contact us and we will review your concerns as soon as practical.

Recommandé

Network Environments
Network EnvironmentsNetwork Environments
Network EnvironmentsGFI Software
 
Security Threats for SMBs
Security Threats for SMBsSecurity Threats for SMBs
Security Threats for SMBsGFI Software
 
VIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareVIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareGFI Software
 
Hybrid Technology
Hybrid TechnologyHybrid Technology
Hybrid TechnologyGFI Software
 
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...GFI Software
 
Infoworld deep dive - Mobile Security2015 updated
Infoworld deep dive - Mobile Security2015 updatedInfoworld deep dive - Mobile Security2015 updated
Infoworld deep dive - Mobile Security2015 updatedKim Jensen
 
IDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based SecurityIDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based Securityarms8586
 
Beyond layers and peripheral antivirus security
Beyond layers and peripheral antivirus securityBeyond layers and peripheral antivirus security
Beyond layers and peripheral antivirus securityUltraUploader
 

Recommandé

Network Environments
Network EnvironmentsNetwork Environments
Network EnvironmentsGFI Software
 
Security Threats for SMBs
Security Threats for SMBsSecurity Threats for SMBs
Security Threats for SMBsGFI Software
 
VIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareVIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareGFI Software
 
Hybrid Technology
Hybrid TechnologyHybrid Technology
Hybrid TechnologyGFI Software
 
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...
When Less is More: Why Small Companies Should Think Outside the(Red/Yellow) B...GFI Software
 
Infoworld deep dive - Mobile Security2015 updated
Infoworld deep dive - Mobile Security2015 updatedInfoworld deep dive - Mobile Security2015 updated
Infoworld deep dive - Mobile Security2015 updatedKim Jensen
 
IDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based SecurityIDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based Securityarms8586
 
Beyond layers and peripheral antivirus security
Beyond layers and peripheral antivirus securityBeyond layers and peripheral antivirus security
Beyond layers and peripheral antivirus securityUltraUploader
 
Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014Kim Jensen
 
IBM Insight 2015 - Security Sessions Roadmap
IBM Insight 2015 - Security Sessions RoadmapIBM Insight 2015 - Security Sessions Roadmap
IBM Insight 2015 - Security Sessions RoadmapIBM Security
 
IBM MobileFrist Protect - Guerir la Mobilephobie des RSSI
IBM MobileFrist Protect - Guerir la Mobilephobie des RSSIIBM MobileFrist Protect - Guerir la Mobilephobie des RSSI
IBM MobileFrist Protect - Guerir la Mobilephobie des RSSIAGILLY
 
Thinking of choosing Trend Micro?
Thinking of choosing Trend Micro?Thinking of choosing Trend Micro?
Thinking of choosing Trend Micro?Symantec
 
Biggest info security mistakes security innovation inc.
Biggest info security mistakes security innovation inc.Biggest info security mistakes security innovation inc.
Biggest info security mistakes security innovation inc.uNIX Jim
 
E guide weathering the storm at your business
E guide weathering the storm at your businessE guide weathering the storm at your business
E guide weathering the storm at your businessSoma Technology Group
 
Growth Uninterrupted with Security, Scalability and Simplicity
Growth Uninterrupted with Security, Scalability and SimplicityGrowth Uninterrupted with Security, Scalability and Simplicity
Growth Uninterrupted with Security, Scalability and SimplicityPeopleWorks IN
 
ILTA Mobile Security Gap
ILTA Mobile Security GapILTA Mobile Security Gap
ILTA Mobile Security GapGes Ray
 
The Economics of IT Risk and Reputation
The Economics of IT Risk and ReputationThe Economics of IT Risk and Reputation
The Economics of IT Risk and ReputationIBM Security
 
V mware vdi environment
V mware vdi environmentV mware vdi environment
V mware vdi environmentajitambekar
 
White Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic WorkforceWhite Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic WorkforceCourtland Smith
 
IRJET- Underpinning the Impact of Web Application Security on Businesses ...
IRJET- Underpinning the Impact of Web Application Security on Businesses ...IRJET- Underpinning the Impact of Web Application Security on Businesses ...
IRJET- Underpinning the Impact of Web Application Security on Businesses ...IRJET Journal
 
edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019) edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019) Eoin Keary
 
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...HyTrust
 
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...Arrow ECS UK
 
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...white paper
 
Peoplesoft Erp
Peoplesoft ErpPeoplesoft Erp
Peoplesoft ErpAppsian
 
Paper4
Paper4Paper4
Paper4Kestone
 
gss_windows7_migration_whitepapers
gss_windows7_migration_whitepapersgss_windows7_migration_whitepapers
gss_windows7_migration_whitepapersBonani Bhattacharjee
 
Centralized Patch Management - Proven Security Approach for Ransomware Protec...
Centralized Patch Management - Proven Security Approach for Ransomware Protec...Centralized Patch Management - Proven Security Approach for Ransomware Protec...
Centralized Patch Management - Proven Security Approach for Ransomware Protec...Quick Heal Technologies Ltd.
 
Moxa Tech White Paper - Choosing An Embedded Operating System
Moxa Tech White Paper - Choosing An Embedded Operating SystemMoxa Tech White Paper - Choosing An Embedded Operating System
Moxa Tech White Paper - Choosing An Embedded Operating SystemDigital River
 
Fortify Continuous Delivery
Fortify Continuous DeliveryFortify Continuous Delivery
Fortify Continuous DeliveryMainstay
 

Contenu connexe

Tendances

Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014Kim Jensen
 
IBM Insight 2015 - Security Sessions Roadmap
IBM Insight 2015 - Security Sessions RoadmapIBM Insight 2015 - Security Sessions Roadmap
IBM Insight 2015 - Security Sessions RoadmapIBM Security
 
IBM MobileFrist Protect - Guerir la Mobilephobie des RSSI
IBM MobileFrist Protect - Guerir la Mobilephobie des RSSIIBM MobileFrist Protect - Guerir la Mobilephobie des RSSI
IBM MobileFrist Protect - Guerir la Mobilephobie des RSSIAGILLY
 
Thinking of choosing Trend Micro?
Thinking of choosing Trend Micro?Thinking of choosing Trend Micro?
Thinking of choosing Trend Micro?Symantec
 
Biggest info security mistakes security innovation inc.
Biggest info security mistakes security innovation inc.Biggest info security mistakes security innovation inc.
Biggest info security mistakes security innovation inc.uNIX Jim
 
E guide weathering the storm at your business
E guide weathering the storm at your businessE guide weathering the storm at your business
E guide weathering the storm at your businessSoma Technology Group
 
Growth Uninterrupted with Security, Scalability and Simplicity
Growth Uninterrupted with Security, Scalability and SimplicityGrowth Uninterrupted with Security, Scalability and Simplicity
Growth Uninterrupted with Security, Scalability and SimplicityPeopleWorks IN
 
ILTA Mobile Security Gap
ILTA Mobile Security GapILTA Mobile Security Gap
ILTA Mobile Security GapGes Ray
 
The Economics of IT Risk and Reputation
The Economics of IT Risk and ReputationThe Economics of IT Risk and Reputation
The Economics of IT Risk and ReputationIBM Security
 
V mware vdi environment
V mware vdi environmentV mware vdi environment
V mware vdi environmentajitambekar
 
White Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic WorkforceWhite Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic WorkforceCourtland Smith
 
IRJET- Underpinning the Impact of Web Application Security on Businesses ...
IRJET- Underpinning the Impact of Web Application Security on Businesses ...IRJET- Underpinning the Impact of Web Application Security on Businesses ...
IRJET- Underpinning the Impact of Web Application Security on Businesses ...IRJET Journal
 
edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019) edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019) Eoin Keary
 
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...HyTrust
 
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...Arrow ECS UK
 
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...white paper
 
Peoplesoft Erp
Peoplesoft ErpPeoplesoft Erp
Peoplesoft ErpAppsian
 

Tendances (18)

Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014Secunia Vulnerability Review 2014
Secunia Vulnerability Review 2014
 
IBM Insight 2015 - Security Sessions Roadmap
IBM Insight 2015 - Security Sessions RoadmapIBM Insight 2015 - Security Sessions Roadmap
IBM Insight 2015 - Security Sessions Roadmap
 
IBM MobileFrist Protect - Guerir la Mobilephobie des RSSI
IBM MobileFrist Protect - Guerir la Mobilephobie des RSSIIBM MobileFrist Protect - Guerir la Mobilephobie des RSSI
IBM MobileFrist Protect - Guerir la Mobilephobie des RSSI
 
Thinking of choosing Trend Micro?
Thinking of choosing Trend Micro?Thinking of choosing Trend Micro?
Thinking of choosing Trend Micro?
 
Biggest info security mistakes security innovation inc.
Biggest info security mistakes security innovation inc.Biggest info security mistakes security innovation inc.
Biggest info security mistakes security innovation inc.
 
E guide weathering the storm at your business
E guide weathering the storm at your businessE guide weathering the storm at your business
E guide weathering the storm at your business
 
Growth Uninterrupted with Security, Scalability and Simplicity
Growth Uninterrupted with Security, Scalability and SimplicityGrowth Uninterrupted with Security, Scalability and Simplicity
Growth Uninterrupted with Security, Scalability and Simplicity
 
ILTA Mobile Security Gap
ILTA Mobile Security GapILTA Mobile Security Gap
ILTA Mobile Security Gap
 
The Economics of IT Risk and Reputation
The Economics of IT Risk and ReputationThe Economics of IT Risk and Reputation
The Economics of IT Risk and Reputation
 
V mware vdi environment
V mware vdi environmentV mware vdi environment
V mware vdi environment
 
White Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic WorkforceWhite Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic Workforce
 
IRJET- Underpinning the Impact of Web Application Security on Businesses ...
IRJET- Underpinning the Impact of Web Application Security on Businesses ...IRJET- Underpinning the Impact of Web Application Security on Businesses ...
IRJET- Underpinning the Impact of Web Application Security on Businesses ...
 
edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019) edgescan vulnerability stats report (2019)
edgescan vulnerability stats report (2019)
 
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
 
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
Seeing Through the Clouds – the Vision of the CTO Office, Joe Baguley - Chief...
 
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
Safety in the Cloud(s): 'Vaporizing' the Web Application Firewall to Secure C...
 
Peoplesoft Erp
Peoplesoft ErpPeoplesoft Erp
Peoplesoft Erp
 
Paper4
Paper4Paper4
Paper4
 

Similaire à Patch management

gss_windows7_migration_whitepapers
gss_windows7_migration_whitepapersgss_windows7_migration_whitepapers
gss_windows7_migration_whitepapersBonani Bhattacharjee
 
Centralized Patch Management - Proven Security Approach for Ransomware Protec...
Centralized Patch Management - Proven Security Approach for Ransomware Protec...Centralized Patch Management - Proven Security Approach for Ransomware Protec...
Centralized Patch Management - Proven Security Approach for Ransomware Protec...Quick Heal Technologies Ltd.
 
Moxa Tech White Paper - Choosing An Embedded Operating System
Moxa Tech White Paper - Choosing An Embedded Operating SystemMoxa Tech White Paper - Choosing An Embedded Operating System
Moxa Tech White Paper - Choosing An Embedded Operating SystemDigital River
 
Fortify Continuous Delivery
Fortify Continuous DeliveryFortify Continuous Delivery
Fortify Continuous DeliveryMainstay
 
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSes
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSesTECHNICAL BRIEF Protecting & Migrating Legacy Windows OSes
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSesSymantec
 
Vulnerability , Malware and Risk
Vulnerability , Malware and RiskVulnerability , Malware and Risk
Vulnerability , Malware and RiskSecPod Technologies
 
Unveiling Advanced Persistence Techniques Through Application Shimming and Co...
Unveiling Advanced Persistence Techniques Through Application Shimming and Co...Unveiling Advanced Persistence Techniques Through Application Shimming and Co...
Unveiling Advanced Persistence Techniques Through Application Shimming and Co...IJCNCJournal
 
Unveiling Advanced Persistence Techniques Through Application Shimming and Co...
Unveiling Advanced Persistence Techniques Through Application Shimming and Co...Unveiling Advanced Persistence Techniques Through Application Shimming and Co...
Unveiling Advanced Persistence Techniques Through Application Shimming and Co...IJCNCJournal
 
Running Head VIRTUALIZATION 1VIRTUALIZATION 1Virt.docx
Running Head VIRTUALIZATION 1VIRTUALIZATION 1Virt.docxRunning Head VIRTUALIZATION 1VIRTUALIZATION 1Virt.docx
Running Head VIRTUALIZATION 1VIRTUALIZATION 1Virt.docxrtodd599
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability ManagementGFI Software
 
Primary Applications of Integration Testing.pdf
Primary Applications of Integration Testing.pdfPrimary Applications of Integration Testing.pdf
Primary Applications of Integration Testing.pdfRohitBhandari66
 
Configuration Management: a Critical Component to Vulnerability Management
Configuration Management: a Critical Component to Vulnerability ManagementConfiguration Management: a Critical Component to Vulnerability Management
Configuration Management: a Critical Component to Vulnerability ManagementChris Furton
 
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docx
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docxRunning head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docx
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docxtodd521
 
Rewriting the rules of patch management
Rewriting the rules of patch managementRewriting the rules of patch management
Rewriting the rules of patch managementArun Gopinath
 
Tackling Enterprise App Incompatibility
Tackling Enterprise App IncompatibilityTackling Enterprise App Incompatibility
Tackling Enterprise App Incompatibilityxpmigration
 
SOFDESG 01 Introduction.pdf
SOFDESG 01 Introduction.pdfSOFDESG 01 Introduction.pdf
SOFDESG 01 Introduction.pdfJimCValencia1
 
2021-10-14 The Critical Role of Security in DevOps.pdf
2021-10-14 The Critical Role of Security in DevOps.pdf2021-10-14 The Critical Role of Security in DevOps.pdf
2021-10-14 The Critical Role of Security in DevOps.pdfSavinder Puri
 

Similaire à Patch management (20)

gss_windows7_migration_whitepapers
gss_windows7_migration_whitepapersgss_windows7_migration_whitepapers
gss_windows7_migration_whitepapers
 
Centralized Patch Management - Proven Security Approach for Ransomware Protec...
Centralized Patch Management - Proven Security Approach for Ransomware Protec...Centralized Patch Management - Proven Security Approach for Ransomware Protec...
Centralized Patch Management - Proven Security Approach for Ransomware Protec...
 
Moxa Tech White Paper - Choosing An Embedded Operating System
Moxa Tech White Paper - Choosing An Embedded Operating SystemMoxa Tech White Paper - Choosing An Embedded Operating System
Moxa Tech White Paper - Choosing An Embedded Operating System
 
Fortify Continuous Delivery
Fortify Continuous DeliveryFortify Continuous Delivery
Fortify Continuous Delivery
 
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSes
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSesTECHNICAL BRIEF Protecting & Migrating Legacy Windows OSes
TECHNICAL BRIEF Protecting & Migrating Legacy Windows OSes
 
Vulnerability , Malware and Risk
Vulnerability , Malware and RiskVulnerability , Malware and Risk
Vulnerability , Malware and Risk
 
Unveiling Advanced Persistence Techniques Through Application Shimming and Co...
Unveiling Advanced Persistence Techniques Through Application Shimming and Co...Unveiling Advanced Persistence Techniques Through Application Shimming and Co...
Unveiling Advanced Persistence Techniques Through Application Shimming and Co...
 
Unveiling Advanced Persistence Techniques Through Application Shimming and Co...
Unveiling Advanced Persistence Techniques Through Application Shimming and Co...Unveiling Advanced Persistence Techniques Through Application Shimming and Co...
Unveiling Advanced Persistence Techniques Through Application Shimming and Co...
 
Running Head VIRTUALIZATION 1VIRTUALIZATION 1Virt.docx
Running Head VIRTUALIZATION 1VIRTUALIZATION 1Virt.docxRunning Head VIRTUALIZATION 1VIRTUALIZATION 1Virt.docx
Running Head VIRTUALIZATION 1VIRTUALIZATION 1Virt.docx
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Management
 
MDOP 2011
MDOP 2011MDOP 2011
MDOP 2011
 
Primary Applications of Integration Testing.pdf
Primary Applications of Integration Testing.pdfPrimary Applications of Integration Testing.pdf
Primary Applications of Integration Testing.pdf
 
Configuration Management: a Critical Component to Vulnerability Management
Configuration Management: a Critical Component to Vulnerability ManagementConfiguration Management: a Critical Component to Vulnerability Management
Configuration Management: a Critical Component to Vulnerability Management
 
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docx
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docxRunning head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docx
Running head UNPATCHED CLIENT SOFTWAREUNPATCHED CLIENT SOFTWARE.docx
 
Rewriting the rules of patch management
Rewriting the rules of patch managementRewriting the rules of patch management
Rewriting the rules of patch management
 
Tackling Enterprise App Incompatibility
Tackling Enterprise App IncompatibilityTackling Enterprise App Incompatibility
Tackling Enterprise App Incompatibility
 
Software modernization
Software modernizationSoftware modernization
Software modernization
 
SOFDESG 01 Introduction.pdf
SOFDESG 01 Introduction.pdfSOFDESG 01 Introduction.pdf
SOFDESG 01 Introduction.pdf
 
2021-10-14 The Critical Role of Security in DevOps.pdf
2021-10-14 The Critical Role of Security in DevOps.pdf2021-10-14 The Critical Role of Security in DevOps.pdf
2021-10-14 The Critical Role of Security in DevOps.pdf
 
Ppt cc
Ppt ccPpt cc
Ppt cc
 

Plus de GFI Software

Spotlight on GFI EndPoint Security 2013
Spotlight on GFI EndPoint Security 2013Spotlight on GFI EndPoint Security 2013
Spotlight on GFI EndPoint Security 2013GFI Software
 
The Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage DevicesThe Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage DevicesGFI Software
 
Understanding Data Backups
Understanding Data BackupsUnderstanding Data Backups
Understanding Data BackupsGFI Software
 
Master Class Series
Master Class SeriesMaster Class Series
Master Class SeriesGFI Software
 
Deploying GFI EventsManager™
Deploying GFI EventsManager™Deploying GFI EventsManager™
Deploying GFI EventsManager™GFI Software
 
How to Perform Network-wide Security Event Log Management
How to Perform Network-wide Security Event Log ManagementHow to Perform Network-wide Security Event Log Management
How to Perform Network-wide Security Event Log ManagementGFI Software
 
How to configure IBM iSeries event collection with Audit and GFI EventsManager
How to configure IBM iSeries event collection with Audit and GFI EventsManagerHow to configure IBM iSeries event collection with Audit and GFI EventsManager
How to configure IBM iSeries event collection with Audit and GFI EventsManagerGFI Software
 
Email Security Solutions
Email Security SolutionsEmail Security Solutions
Email Security SolutionsGFI Software
 
Messaging and Web Security
Messaging and Web SecurityMessaging and Web Security
Messaging and Web SecurityGFI Software
 
How to Keep Spam Off Your Network
How to Keep Spam Off Your NetworkHow to Keep Spam Off Your Network
How to Keep Spam Off Your NetworkGFI Software
 
How to Block NDR Spam
How to Block NDR SpamHow to Block NDR Spam
How to Block NDR SpamGFI Software
 
How to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware productHow to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware productGFI Software
 
Binary translation
Binary translationBinary translation
Binary translationGFI Software
 

Plus de GFI Software (20)

Spotlight on GFI EndPoint Security 2013
Spotlight on GFI EndPoint Security 2013Spotlight on GFI EndPoint Security 2013
Spotlight on GFI EndPoint Security 2013
 
The Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage DevicesThe Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage Devices
 
Email Continuity
Email ContinuityEmail Continuity
Email Continuity
 
Understanding Data Backups
Understanding Data BackupsUnderstanding Data Backups
Understanding Data Backups
 
Data Backups
Data BackupsData Backups
Data Backups
 
Master Class Series
Master Class SeriesMaster Class Series
Master Class Series
 
Security and SMBs
Security and SMBsSecurity and SMBs
Security and SMBs
 
Deploying GFI EventsManager™
Deploying GFI EventsManager™Deploying GFI EventsManager™
Deploying GFI EventsManager™
 
How to Perform Network-wide Security Event Log Management
How to Perform Network-wide Security Event Log ManagementHow to Perform Network-wide Security Event Log Management
How to Perform Network-wide Security Event Log Management
 
How to configure IBM iSeries event collection with Audit and GFI EventsManager
How to configure IBM iSeries event collection with Audit and GFI EventsManagerHow to configure IBM iSeries event collection with Audit and GFI EventsManager
How to configure IBM iSeries event collection with Audit and GFI EventsManager
 
Email Security Solutions
Email Security SolutionsEmail Security Solutions
Email Security Solutions
 
Maxmp greylisting
Maxmp greylistingMaxmp greylisting
Maxmp greylisting
 
Messaging and Web Security
Messaging and Web SecurityMessaging and Web Security
Messaging and Web Security
 
How to Keep Spam Off Your Network
How to Keep Spam Off Your NetworkHow to Keep Spam Off Your Network
How to Keep Spam Off Your Network
 
How to Block NDR Spam
How to Block NDR SpamHow to Block NDR Spam
How to Block NDR Spam
 
How to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware productHow to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware product
 
Email Continuity
Email ContinuityEmail Continuity
Email Continuity
 
Greylisting
GreylistingGreylisting
Greylisting
 
Binary translation
Binary translationBinary translation
Binary translation
 
Stopping Malware
Stopping MalwareStopping Malware
Stopping Malware
 

Dernier

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 

Dernier (20)

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 

Patch management

  • 1. GFI White Paper Patch management: Fixing vulnerabilities before they are exploited Managing and administering software updates remains one of the most challenging and resource-intensive tasks an IT Department undertakes on a daily basis. This white paper examines the important role played by patch management to help organizations keep their PC real estate fully up-to-date with the latest security patches, without unduly compromising reliablity, productivity, security and data integrity.
  • 2. Contents Introduction 3 Importance of patch management 3 Balancing security with reliability 4 Solutions for effective patch management 5 Summary 5 About GFI® 6 Patch management - Fixing vulnerabilities before they are exploited 2
  • 3. Introduction Managing and administering software updates remains one of the most challenging and resource-intensive tasks an IT Department undertakes on a daily basis. While software updates serve many important roles, be it delivering feature improvements or fixing bugs and security vulnerabilities, they bring with them a number of potential challenges for the IT Department in terms of ensuring systems are up-to-date, new problems are not introduced by patches designed to fix things, and updates do not create compatibility or instability issues. All this needs to be done while ensuring that updates are pushed to PCs as quickly as possible to prevent vulnerabilities being exploited. The constantly evolving software landscape makes patch management an important consideration for all IT decision makers, regardless of organization size. Software that is not kept up-to-date with the latest patches and version updates runs the risk of creating weak points in your organization’s security strategy, placing servers and client devices at risk from exploitation by malware, hacking attacks, as well as increasing the risk of reliability-based failure and data loss. The number of vulnerabilities in software commonly found on client PCs grew by 71 percent between 2009 and 2010 . This jump is due in large part to problems occurring within third-party applications, rather than with issues directly related to the underlying Windows operating system (OS) or Microsoft-produced application software. Effective patch management improves reliability and IT efficiency, automating many of the administrative tasks associated with deploying software updates while minimizing the amount of downtime associated with patch deployment, patch auditing and patch roll-back. Importance of patch management The process of keeping a PC or a server fully patched is easier today than ever, thanks in part to the moves of several key software vendors to build automated updates checking into their applications, as well as the highly-developed Microsoft update service, which can download and, in many cases, install updates in the background without requiring user input or a system reboot. Nonetheless, the installation of patches, if left solely to the user, can be overlooked, leading to known vulnerabilities being left unaddressed and ripe for exploitation. By virtue of being an application and OS vendor, Microsoft attracts the most attention when it comes to issuing and installing software updates. However, the majority of known application vulnerabilities continue to come from third parties, while the smallest percentage of threats resides in the OS itself. The implications of third-party software on PC security and reliability is further challenged by the role of browser plug-ins, media player codecs and other bolt-on codes that works in conjunction with an existing application or system service. The vulnerability challenges posed by third-party applications can best be illustrated by looking at the most targeted applications. Using 2010 data from the US National Vulnerability Database, we can see that of the top 10 applications targeted for vulnerabilities, ranked by total number of targeted vulnerabilities, nine were third- party applications: »» Google Chrome – 152 targeted vulnerabilities »» Apple Safari – 122 targeted vulnerabilities »» Mozilla Firefox – 103 targeted vulnerabilities »» Apple Webkit – 94 targeted vulnerabilities »» Mozilla Seamonkey – 77 targeted vulnerabilities »» Adobe Reader – 60 targeted vulnerabilities »» Mozilla Thunderbird - 60 targeted vulnerabilities »» Adobe Flash Player – 59 targeted vulnerabilities Patch management - Fixing vulnerabilities before they are exploited 3
  • 4. »» Microsoft Internet Explorer - 59 targeted vulnerabilities »» Adobe Acrobat – 57 targeted vulnerabilities. Microsoft Internet Explorer, the highest ranked Microsoft application, was also the highest ranked OS-installed application on the list sharing sixth place with Adobe Reader. Microsoft Office, the company’s highest- placed add-on software product, placed 11th. Oracle’s Java Runtime Environment, often targeted when vulnerabilities are revealed by the release of a patch, placed 12th. The data also illustrates how web browsers continue to be the weakest point when it comes to software- based vulnerabilities. In terms of operating systems, various versions of Microsoft Windows dominate the field by virtue of the sheer market penetration of the OS, while Linux and both the server and desktop versions of Mac OS X follow very close behind. In fact, in 2010 the desktop versions of Mac OS X experienced 96 targeted vulnerabilities compared to 88 for Windows Vista and 66 for Windows 7, the latest incarnation of the OS. Managing software updates and critical patch deployment manually will quickly increase the maintenance overhead associated with applications and the operating systems they run on, to the point of overwhelming the IT team. For example, the volume of software updates and critical vulnerability patches issued by the average vendor varies, but in the case of market leader Microsoft, the size of its monthly ‘Patch Tuesday’ software update payload can be significant. In April 2011 alone, Microsoft delivered 64 critical fixes across 17 software updates, while the previous month it fixed just four known flaws with three updates. In February 2011, Adobe patched 42 known bugs and vulnerabilities in its Adobe Reader and Flash products, while Oracle patched 73 known security vulnerabilities across its entire product line in April 2011. The latter is an example of how complex patch management can be if not automated, as Oracle’s patching applied to both organically-developed products as well as a number of high-profile acquired products that still sit outside the core Oracle code set such as JD Edwards, PeopleSoft, Siebel and OpenOffice. These are just a few examples of a much larger software patching landscape that affects all software vendors. These are also examples of how little predictability there is in the volume of severity of the patches being issued; and with it the resources that will be needed to ensure they are installed. Balancing security with reliability Various steps have been taken by operating system and application vendors to simplify the process and to minimize the window during which a machine is exposed to a known application or underlying OS vulnerability, such as integrating automated update download mechanisms and pop-up windows to alert users on the availability of a new update, as well as offering educational notes on why the user needs to deploy the update. Such services have a weakness in that they rely on users who actively connect to the Internet and allow updates to be downloaded and installed. The ease with which end-users can update their own machines, coupled with the benefits of encouraging them to do so, also means that the IT department needs to maintain visibility of what patches have been installed in the event that a problem arises. Even a fully-patched machine can present problems for both the user and the business. For example, in February 2010 Microsoft issued a patch for Windows XP, called MS10-015. The patch, intended to fix long- standing security vulnerabilities in the OS, was found to create significant system instability in certain configurations of PCs, leading to the unrecoverable ‘Blue Screen of Death’ Windows error. The error led to the temporary suspension of the patch from Microsoft’s Windows Update patch download service while the instability issues were investigated and fixed. For users that had already installed the patch, the most prudent cause of action was to uninstall the patch and roll the system back to the previous good state. Patch management - Fixing vulnerabilities before they are exploited 4
  • 5. The ability to roll back a patch is essential to ensure a swift remediation of software problems caused by the installation of a software update. There are numerous reasons why an organization might need or choose to revoke a software update that has been pushed out by a vendor and installed: »» Instability – As with the example above, the wide range of potential configurations and software combinations on a PC can mean that even a well-tested software patch can cause a machine or application to malfunction after installation. »» Compatibility – Upgrades can create problems including implementing changes to file formats, database structures, storage formats and communication protocols that have not been carried through the IT estate, or which have not been adopted by a customer or supplier, thus breaking workflow. »» Driver clashes – In instances where the software update makes extensive changes to the way the software interfaces with hardware, it may be necessary to uninstall a patch and hold off deploying until hardware drivers have been updated to restore compatibility with the operating system or application. While other solutions exist for patch management, such as Microsoft’s own Windows Server Update Services (WSUS), these solutions are usually limited in both their scope and ability to automate the patch management process. In the case of WSUS, patch management is limited to only Microsoft applications and system patches issued through the Microsoft Update framework. Third party solutions are not catered for, while the ability to revoke and remove a patch that has already been installed is reliant on the operating system, successfully creating a Microsoft Restore Point at the time the patch was added, meaning that rolling back a system can result in other perfectly working third party applications being uninstalled in the process. Solutions for effective patch management The integrated mechanisms for delivering patches and other software updates to applications and operating systems form just one part of the process. For any organization, the key is to deploy an all-encompassing patch management solution that can automate the process of managing patch deployment and provide quick and easy visibility of the current state of patching on all machines. A solution such as GFI LanGuard™ delivers complete suite of patch management tools in one application. With it, IT administrators can monitor the IT estate to provide a single view of what has been installed on each connected client or server, and trigger automated detection, downloading and deployment of missing patches to ensure a machine is fully patched before it becomes a problem. This approach ensures that known vulnerabilities are addressed before they are exploited; and therefore drastically reduces the maintenance burden placed on IT personnel. In addition, the patch management solution should provide administrators with an effective means to roll-back problematic patches, returning the machine to its pre-patch state in the event of compatibility or instability issues arising after the installation of an update. This feature is independent of Microsoft’s Restore Point technology and applies to both system and third party patches. Summary The process of patch management has, over time, been complicated by the growth in operating system and application patches, along with driver updates, many of which are delivered to servers and clients via vendor- operated automated update services but without the safety net of pre-testing to ensure broad compatibility and stability with a wide range of custom configurations of server or desktop PC. Patch management plays a critical role in ensuring that companies can keep their PC real estate fully up- to-date with the latest security patches and software updates, without unduly compromising reliability, productivity, security and data integrity. A robust patch management solution that combines swift roll-back of problem patches with a single view of what patches are installed on machines across the organization, is a critical component of both software management and IT security strategies. As part of a wider IT security policy, such a solution will ensure that applications are not placed at unnecessary risk, while ensuring that a policy of encouraging end-users to accept and install critical updates at the first possible opportunity can be maintained. Patch management - Fixing vulnerabilities before they are exploited 5
  • 6. About GFI GFI Software provides web and mail security, archiving, backup and fax, networking and security software and hosted IT solutions for small to medium-sized enterprises (SMEs) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy and a strong focus on the unique requirements of SMEs, GFI satisfies the IT needs of organizations on a global scale. The company has offices in the United States (North Carolina, California and Florida), UK (London and Dundee), Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold Certified Partner. More information about GFI can be found at http://www.gfi.com. Patch management - Fixing vulnerabilities before they are exploited 6
  • 7. USA,»CANADA»AND»CENTRAL»AND»SOUTH»AMERICA 15300 Weston Parkway, Suite 104, Cary, NC 27513, USA Telephone: +1 (888) 243-4329 Fax: +1 (919) 379-3402 ussales@gfi.com UK»AND»REPUBLIC»OF»IRELAND Magna House, 18-32 London Road, Staines, Middlesex, TW18 4BP, UK Telephone: +44 (0) 870 770 5370 Fax: +44 (0) 870 770 5377 sales@gfi.co.uk EUROPE,»MIDDLE»EAST»AND»AFRICA GFI House, San Andrea Street, San Gwann, SGN 1612, Malta Telephone: +356 2205 2000 Fax: +356 2138 2419 sales@gfi.com AUSTRALIA»AND»NEW»ZEALAND 83 King William Road, Unley 5061, South Australia Telephone: +61 8 8273 3000 Fax: +61 8 8273 3099 sales@gfiap.com Disclaimer © 2011. GFI Software. All rights reserved. All product and company names herein may be trademarks of their respective owners. The information and content in this document is provided for informational purposes only and is provided “as is” with no warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, and non-infringement. GFI Software is not liable for any damages, including any consequential damages, of any kind that may result from the use of this document. The information is obtained from publicly available sources. Though reasonable effort has been made to ensure the accuracy of the data provided, GFI makes no claim, promise or guarantee about the completeness, accuracy, recency or adequacy of information and is not responsible for misprints, out- of-date information, or errors. GFI makes no warranty, express or implied, and assumes no legal liability or responsibility for the accuracy or completeness of any information contained in this document. If you believe there are any factual errors in this document, please contact us and we will review your concerns as soon as practical.