Definition of Patch Management
Patch management is the process of keeping track of upgrades and patches to systems, applications, and operating systems to prevent vulnerabilities.
Patch Management
NIST - Procedures for Handling Security Patches
To help address this growing problem, we recommend that organizations have an explicit and documented patching and vulnerability policy and a systematic, accountable, and documented process for handling patches. This document provides principles and methodologies for accomplishing this. One of several possible techniques is through the creation of a patch and vulnerability group (PVG). This group would facilitate the identification and distribution of patches within the organization.
Patching It Up
I wonder what goes through Jay. F.'s head when I send another patch update with a few dozen servers to patch. Patch Management can be a headache, especially in a large network environment. It can also be disastrous if someone doesn't read the documentation that comes with patches or types the wrong command to upgrade a software package. Consequently, knowing how to back out of a botched patch job is just as important as knowing how to apply the patch.
Methodologically Upgrading A Production System
Patching and upgrading systems has been and still is a revolving task. System administrators receive security alerts, messages, and notifications of available software updates countless times on an irregular basis. We perform the patch, the upgrade, and the fix. A day later, we are informed of another security patch. What happens intermittently, when you receive the notification of a patch and when the patch is successfully applied to your production system? Simply applying the security patch to the production system(s) without executing a set of trial runs of the patch increases the risk of downtime to the user community of your system(s).
A Practical Methodology for Implementing a Patch Management Process
The time between the discovery of an operating system or application vulnerability and the emergence of an exploit is getting shorter, sometimes only a matter of hours. This imposes pressures on IT managers to rapidly patch production systems which directly conflicts with configuration management best practices of quality assurance testing. Many organizations are struggling to keep current with the constant release of new patches and updates. At the same time, they are under pressure to provide near 100% availability of key business systems. IT organizations must develop a process to ensure the availability of resources, install required security patches and not break existing systems in the process. This paper presents one methodology for identifying, evaluating and applying security patches in a real world environment along with descriptions of some useful tools that can be used to automate the process.
Vulnerability Risk Mitigation - Patching the Microsoft Windows Environment
This manuscript discusses procedures for regularly patching a Microsoft Windows environment, beginning with a discussion of what vulnerabilities are, how they find their way into developers' code, and why they have become such an issue. The balance of the paper presents a number of options for patching the vulnerabilities, using either freely available tools or products that require purchasing licenses.
Microsoft Windows Security Patches
This paper is for those who have a Microsoft Windows computer attached to the Internet, and haven't installed the latest Microsoft security patches. The first section is where to get these patches and how to install them. The second is why. Many people don't think it is important enough to keep current on the latest security patches released by Microsoft, at least not important enough to actually do it. Those are two main reasons I have come across for people to not keep current on the latest MS Security patches. The first being how, and the second being expressed by "Do I really care?" A prudent person would also have a firewall (or two) between their MS Windows computer and the Internet as well, so hopefully I can convince the reader to do this as well.
Oh Patch How I Hate Thee; Let Me Count the Ways
Welcome back to the article series on security management. In this article we will discuss patches, dispel some of the mystery about them, and tell you how they will impact your security. When I first started writing this column I did not intend to talk about patches, but when I asked around, everyone I spoke to said I have to have one column on it. It is such an important topic that I could not ignore it. To that end, this is the patch column. It is a bit longer than what I would normally write because I am hoping I will not have to write another one. Unless something significant changes in the patch management world, I plan not to. Therefore, this is a rather lengthy column.
Using and Evaluating Windows Software Update Service
This paper describes the installation and use of Microsoft's Software Update Service (SUS) for the deployment of Operating System patches. It will feature an in-depth discussion of SUS' features, installation, configuration (both client and server side), and built-in security. Additionally, it will provide an analysis of SUS, its potential effect on an environment and any shortcomings found during its evaluation.
Management of Security Updates in the Windows 2000 Environment
While the focus of this paper will be on the enterprise or corporate computing environment, some issues affecting the home or small business user will be highlighted as well. Also, the scope of this paper is limited to the Microsoft Windows 2000 server and Windows 2000/XP desktop operating systems, widely deployed Microsoft server applications such as SQL Server and Internet Information Services (IIS) Server, and key desktop applications such as Internet Explorer and the Office productivity suite. Although non-Microsoft operating systems and applications are not discussed here, proper management of security updates for these products is equally as important to the overall effectiveness of the security program.
Case Study: Use Caution When Deploying Microsoft's Software Update Service
Recently, my company acquired the responsibility of providing infrastructure and technical support to a small, non-profit organization. Shortly after acquiring this responsibility, I experienced a "major" problem. Several end users had reported application errors after applying the latest Internet Explorer 5.5 update found on the Windows Update website (windowsupdate.microsoft.com). After a lengthy investigation, it was discovered that the update had modified a Windows system file, (gdi.exe) causing a protection fault whenever a user attempted to print from the company's financial software application (Solomon v2.6). In effect, the update acted like a virus, disabling the company's most important application.