Patching Problems and How to Solve Them
This is an extreme, and somewhat dramatic, example of what patching can prevent.
The first half of 2017 saw two of the most widespread malware outbreaks to date—and both leveraged a known exploit with an available patch. In May, WannaCry impacted operations across the globe, possibly costing multinationals billions in stalled operations and lost revenue. The malware heavily relied on MS17-010, or “EternalBlue”—a vulnerability for which a patch was already available before the outbreak. Petya soon followed, which leveraged the same vulnerabilities to compromise multiple systems across the world.
Despite the availability of a patch that could have prevented an infection, many companies and users still had vulnerable systems. This situation only begs the question: can we fix the lag between patch release and application?
Patching has always been an issue for organizations—though they know the obvious benefit of patching quickly, they may be hesitant to deploy any updates that might hinder operations or impact critical systems. Patching can be a real burden if there are no procedures set in place and many businesses can’t afford the down time, so they just accept the risks. Besides this, there are a number of other reasons for holding off on patching; resources could be limited, legacy systems could be overlooked during patching, or worse, some systems are so old they cannot be patched.
Establishing a new norm
A 2015 survey shows that it took some companies over 100 days to patch, but things are starting to change in 2017. A recent Forbes and BMC survey revealed that companies are definitively committed to better patching practices. The survey shares that “a majority of executives named investments in IT and patch-automation systems as the ones that delivered the best returns on their security investments in the past year,” and 43% of the surveyed companies would make timely patching and remediation a higher priority in 2017.
Hopefully, this recent commitment to timelier patching will continue and help contain future outbreaks. Although it is not a new solution, it should be an integral part of enterprises’ security regimen. Below we list some common issues and what can be done to establish a new and more efficient way of patching:
The New Norm
Patching is absolutely necessary, regardless of an organization’s size. While it might take time and resources, it becomes less of a strain on operations once proper procedures are established and effective solutions are in place. As several companies have noted, it is well worth the investment.
Patching is just the beginning of a well-rounded security strategy. The use of multilayered solutions such as Trend Micro™ Deep Discovery™ will help provide detection, in-depth analysis, and proactive response to today’s stealthy malware, and targeted attacks in real-time. It provides a comprehensive defense tailored to protect organizations against targeted attacks and advanced threats through specialized engines, custom sandboxing, and seamless correlation across the entire attack lifecycle.
Trend Micro™ Deep Security™ and Vulnerability Protection provide virtual patching that protects endpoints from threats that abuses vulnerabilities. OfficeScan’s Vulnerability Protection shield endpoints from identified and unknown vulnerability exploits even before patches are deployed.
*Information Courtesy Of Trend Micro @ https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/patching-problems-and-how-to-solve-them