Maintenance on an environment is a continual process and one that needs significant attention to get right.
As vendors release updates to known vulnerabilities, attackers begin the process of exploiting those weaknesses on your platforms. “Zero-day” Vulnerabilities have even more importance to resolve, with the attackers usually one step ahead with knowing how to exploit a vulnerability before the vendor has released a suitable update.
Vulnerabilities are assigned a rating, most commonly the CVSS Score (Common Vulnerability Scoring System). This rating is designed to help you target the priority risks within your business, however, the context can make an enormous impact. This month’s Microsoft patches are a good example.
Microsoft’s June Patch Tuesday
This month’s patch release by Microsoft is a good example where Context of your use of a particular application is important when evaluating patches. Of the 50 Microsoft updates released, 6 were marked as ‘important’ (one step down from the major ‘critical’ risk category). One, in particular, has reason to take context into account. CVE-2021-33742 relates to a vulnerability within Internet Explorer or the Legacy “IE Mode” of Microsoft’s Edge browser. For a business still using one of these tools to access an old legacy web app, they have a considerably higher risk than that of a firm with all browsers blocked or permissioned to only use Google Chrome, for example.
How to ensure you have a suitable Patching Policy
There are several steps that can be taken to ensure you have a suitable policy in place. Some recommended actions are:
- Create an IT Asset Inventory of Hardware and Software in use within the environment. An automated tool allows this list to remain current and prevents Shadow-IT too.
- Sometimes it is hard to “know what you don’t know”. In these situations, an agnostic vulnerability scanner or Remote Monitoring & Management tool can help identify lesser-identified applications in use.
- Learn the release schedules and deployment methods of the manufacturers.
- Create a suitable policy and procedure for patch deployment. This may include development, beta, or User acceptance teams before deployment to the entire firm.
- Always review the status of patching across an environment on a fixed, recurring basis to ensure the system is working as intended and there are no weak links in the system.
Vulnerability Management can be a key tool when it comes to Environment Maintenance and patching systems. Our recent update to Drawbridge Connect-R is PC Reporter. This agent can be installed on any Windows 10 device with an internet connection, allowing the automation of Software Inventory and cross-referencing installed applications with Vulnerabilities, Vendors updates and patches available. This extension of Connect-R helps firms regardless of their working model – suitable for all Office, Hybrid and Remote working styles.
For more information about DrawbridgeConnect-R or PC Reporter, click here.