Managing the Never-Ending Patching Story

The challenges of keeping client-side software patched in a timely manner is becoming more difficult as the number and sophistication of attacks increase. With more and more vendors releasing ever growing waves of patches and some are now doing so on Microsoft’s notorious Patch Tuesday, validating, maintaining, correcting, scheduling, and deploying patches is literally a never-ending loop.

More organizations than ever are patching their operating systems in a timely fashion, but in an application-rich business environment, cyber criminals are having a field day attacking un-patched client-side applications. In fact, in recent years 93 percent of vulnerabilities exploited in the wild are client-side application flaws.*

And even though Microsoft has made strides in hardening its operating system from attacks and improving its patch release process. There is no getting around the ugliness of Patch Tuesday, as was proven in this last month. There were 17 bulletins, 64 patches and over half of them, 9 were considered critical. It doesn’t get much uglier than that.

Microsoft’s latest Patch Tuesday, coupled with the recent security breach events such as the Sony PlayStation megabreach, Conde Nast’s $8 million dollar breach, the recent discovery of a DIY Crimeware tool kit that specifically targets Macs and a new Fake AV called Mac Defender that specifically targets Mac OSX, are all evidence that our methods of securing our systems still lags behind hacker’s abilities to find vulnerabilities.

The escalating risks within the application layer merged with the vulnerabilities of OS environments make the choice of comprehensive third-party patch management solutions over free, vendor-supplied patch management tools an obvious one. The small savings an organization collects by going with the latter are typically eaten up in additional operational overhead and potentially costly breaches when inconsistent practices lead to the inevitable.

Implementing a comprehensive patch management tool that can automate the patching process across all applications and all machines within your organization gives you the power to more easily mitigate application layer risks.

Dell KACE partners with Lumension Security to deliver a complete patch management solution fully integrated into the KACE K1000 Management Appliance. Patch management with the K1000 saves organizations time and money by providing comprehensive and reliable patching and security configuration management that is easy-to-use and affordable for enterprises of all sizes. This gives organizations robust security without the time, complexity and cost of traditional software solutions. The K1000 leverages Digital Fingerprint™ technology from Lumension, the industry’s leading patch management solution for reliable and accurate vulnerability detection and remediation. Utilizing Lumension’s patching feeds, KACE provides one of the largest patch repositories including patches for Windows and Mac operating systems, as well as a wide range of applications from vendors including Microsoft, Apple, Adobe, Symantec and Mozilla.

Join systems management experts from Dell KACE and leading IT security vendor Lumension for an informative live web event on Thursday May 12, 2011 at 12 noon CT, focused exclusively on effective patch management. In one short hour, you’ll learn how to:

  • Avoid using disparate methodologies when patching heterogeneous environments
  • Automate the validation and maintenance of correct patch and configuration levels
  • Understand the cost of manual updates vs. a centralized deployment approach
  • Enforce different patching policies for a variety of machines, including PCs and servers
  • Schedule flexible, effective patches, regardless of the number of managed systems

Dell KACE Management Appliances provide one of the largest patch repositories available, including patches for heterogeneous environments, as well as for a wide range of applications. With KACE, patching can now be more easily managed, saving organizations of all sizes valuable time and money.

* source: Symantec Global Internet Threat Security Report

About the Author: Ken Drachnik