Deploying patches in a timely fashion soon after they become available helps secure the OS and prevent the majority of data breaches. However, many computer systems are often not patched for months or not at all.
While patch management can be a cumbersome task, the ability to deploy patches efficiently can save the tremendous costs of downtime and recovery from an outbreak. This whitepaper discusses the elements of a good patch management solution, conditions for patch management to be effective, and the ROI of automated patch management.
whitepaper
Absolute Manage: Client Management
Intelligent, Automated, Cross-Platform Management of All Your Computers
Proactive Patch Management
Even the Best Software Sometimes Needs Patching 2The Reality Behind Most Virus Outbreaks 3The Patch Management Cycle 4Essential Elements of a Good Patch Management Solution 4Conditions for a Patch Management Solution To Be Effective 5The Consequences of No Patch Management 6The ROI for Automated Patch Management 7Benefits of Absolute Manage Automated Patch Management 8Conclusion 10About Absolute Software 10
www.absolute.comAbsolute Software whitepaper
Even the Best Software Sometimes Needs PatchingSoftware flaws that compromise the security of the system are often referred to as vulnerabilities. As the complexity and source code for modern operating systems has grown dramatically so has the number of vulnerabilities in the OS. The CERT Coordination Center estimates that software vulnerabilities have grown in number from 171 in 1995 to 8,064 in 20061. If past history is any indicator this number will only get bigger in the future.
900080007000se 6000itili 5000bar 4000enlu 3000V 200010000 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007
Year Vulnerabilities1995 1711996 3451997 3111998 2621999 4172000 10902001 24372002 41292003 37842004 37802005 59902006 80642007 7236
When a vulnerability is discovered OS vendors typically release an OS patch referred to as a security update to repair the problem and prevent future security breaches due to exploitation of the vulnerability. According to the CERT Coordination Center, deploying these patches in a timely fashion soon after they become available helps secure the OS and prevent 95% of security breaches. However, many computer systems are often not patched for months or not at all. With virtually all modern workstations being attached to a local area network with Internet access, leaving them inadequately patched is not an option. 1 http://www.cert.org/stats/vulnerability_remediation.html 2
www.absolute.comAbsolute Software whitepaper
The Reality Behind Most Virus OutbreaksUnpatched computers are a major security problem because viruses often take advantage of these vulnerabilities to infect them. The 2006 Computer Security Institute/FBI Computer Crime and Security Survey reports that virus contamination continues to be the number one source of financial losses for enterprises and accounts for 30% of financial losses due to security breaches2. Even more alarming is the advent of "zero-day" exploits where an exploit is written to take advantage of the vulnerability before or within 24 hours of its discovery. Luckily zero-day exploits are the exception rather than the norm. In reality, most viruses take advantage of known vulnerabilities that have already been patched by the OS vendor but whose associated security update has yet to be deployed. For example, the Slammer virus, which reportedly took down a 911 call center, airline booking systems, and ATM machines exploited a known vulnerability that Microsoft had provided a patch for six months prior. The same was true for the now infamous Nimda worm. It took advantage of an already known and patched vulnerability that Microsoft had provided a security update for a month before. Code Red, Blaster, and MyDoom - all these viruses exploited known vulnerabilities for which there was a patch or some other known fix.
As the complexity of modern operating systems has advanced so has the technology hackers use to create viruses and worms. Often exploitation tools are posted on the Internet that allows even novice programmers such as "script kiddies", who have little or no knowledge, to create a computer virus with just a few clicks. Because of the interconnectivity of modern networks, viruses can quickly infect a significant number of computers within minutes or hours. All it takes is single person to open an email containing the virus to potentially infect all unpatched computers on an entire network.
This underscores the importance of keeping your enterprise's workstations up to date with the latest OS patches. Patches, as a preventative measure, are only useful if you deploy them before your workstations become infected. Thanks to incidents like those mention... [download for more]
