Security, et al

Randy's Blog on Infosec and Other Stuff

«  Be the first to take Audi... | Does Microsoft care about... »

Keeping up with the changing landscape of patch management

Thu, 04 Nov 2010 15:56:34 GMT

Patch management is changing fast.  Patching used to be primarily a Windows and MS Office thing.  But as Microsoft has improved their patch process and released tools to help enterprises manage patches, the bad guys have been forced to turn their attention elsewhere. 

Neither Windows nor Office are the biggest pain point anymore.  Today that dubious award goes to products like Acrobat, Flash and Java Runtime Environment. 

Office continues to be targeted though with new patches every month.  When you combine these popular software products and take into account how many platforms besides just Windows they run on in your organization, you are probably left a multi-platform, multi-vendor patch management mess.

Some vendors offer tools to help enterprises with patching their products (e.g. WSUS from Microsoft) but many don't.  With Acrobat, Flash and JRE all you get is a a highly consumer oriented automatic update feature that provides none of the centralized control or reporting required by any medium or large enterprise.

So you are left with a fragmented hodgepodge of disconnected vendor/platform specific patch tools that that fails to provide comprehensive coverage of your environment.

Now more than ever I am convinced of the need for best-of-breed enterprise patch management. 

While preparing for a recent webinar, Beyond Windows Patching: Dealing with the New Imperative to Patch Adobe, Apple, Linux and More, I was impressed with Lumension's Patch and Remediation solution.  Lumension provides unified and centralized patch management for Windows, Linux, UNIX and Macs and covers gobs of popular applications besides MS Office such as Acrobat, Flash, Java Runtime Environment.  Better yet their solution includes a wizard to help you package up patches for in-house, custom or less common commercial applications.  Here's a link to Lumension Patch and Remediation.

Even if your environment is just Windows, you still have a multi-vendor patch management problem that free tools like WSUS can't solve.  At the above Lumension link you will find a whitepaper that helps you build the case that free tools like WSUS can do more harm than good.  Click the Lumension logo below to get the whitepaper.

email this digg reddit dzone
comments (0)references (0)

5 Indicators of Endpoint Evil
Live with Dell at RSA 2015
Auditing Privileged Operations and Mailbox Access in Office 365 Exchange Online
Severing the Horizontal Kill Chain: The Role of Micro-Segmentation in Your Virtualization Infrastructure

Comments disabled

powered by Bloget™


Recent Blogs


Additional Resources