Access "Managing client-side security with patch management best practices"
This article is part of the March 2011 issue of Best practices for securing virtual machines
The pervasiveness of Microsoft Windows has made it a favorite target for hackers for years, but client-side applications like Adobe Reader and Flash Player are even more ubiquitous -- a fact that hasn't escaped criminals. Dangerous vulnerabilities turn up in Adobe products on a regular basis. But it's not just Adobe vulnerabilities that put systems at risk. Serious security flaws have been found in other common client-side applications, such as Java, Apple QuickTime, Mozilla browser extensions, and Opera widgets. Microsoft and many large vendors now release security updates and patches to a known timetable, and Microsoft products like Office can be automatically patched using the Windows Automatic Update. However, patches for other common applications such as Adobe Reader, Firefox, and Java can't. Relying on end users to manually install these patches distributes the patching workload but in no way is this ideal as users can't be relied upon to get all the patches installed on a timely basis. The timely patching of software vulnerabilities is critical to ... Access >>>
Premium Content for Free.
Choosing the right information security risk assessment framework
There are a lot of risk assessment frameworks out there. Here's what you need to know in order to pick the right one.
Managing client-side security with patch management best practices
Attacks on applications like Adobe Reader and Java require effective and timely patching of user systems.
- Choosing the right information security risk assessment framework
Virtualization 101: Best practices for securing virtual machines
by Dave Shackleford
VMs introduce a new security dynamic, one that emphasizes asset discovery, change management and tweaks to existing security technology.
- Virtualization 101: Best practices for securing virtual machines by Dave Shackleford
Consumerization of IT requires new security model
by Chenxi Wang, Contributor
Security managers should take advantage of the consumerization of IT trend to reinvent themselves.
Cloud computing technologies: transformation time
Cloud computing is forcing an evolution of information security practices and technology.
New cybersecurity training program targets high schoolers
A new competition tries to foster interest in cybersecurity early on.
A framework for information security career success
by Lee Kushner and Mike Murray
Here are four things you need to do in order to execute on your long-term career plan.
- Consumerization of IT requires new security model by Chenxi Wang, Contributor
More Premium Content Accessible For Free
Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...
The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...
For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...