Home > Security News > Window of opportunity closing for patching
Security News:
EMAIL THIS

Window of opportunity closing for patching

By Lawrence Walsh, Managing Editor, Information Security Magazine
03 Sep 2003 | Information Security Magazine

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

The Blaster worm gave network and security mangers a scant four weeks to patch the critical Windows DCOM-RPC vulnerability. While there's little data to define a trend, many in the infosecurity community say the window for patching systems against publicly announced exploits is getting shorter.

"What we're seeing is if you don't already have a defense in place, you won't have any time to react anymore," says Kris Zupan, CEO of e-DMZ Security, a comanaged service provider. "It's no longer 'shame on the sysadmin' for not applying patches that are six or eight months old."

Worms are usually preceded by ample warning, which gives enterprises more than enough time to patch or secure their systems. In contrast, the DCOM vulnerability and patch were announced almost simultaneously in mid-July with the publishing of the exploit code. Blaster appeared Aug. 12, just as enterprises were implementing their patching program.

"A couple of weeks to test patches and put out a deployment plan isn't unreasonable," says Eric Schultze, executive director of product research and development at security tools vendor Shavlik Technologies. "If worms come out faster than that, major corporations are going to have a real problem."

One organization looking at the need for faster patch management is the Internal Revenue Service (IRS), which narrowly averted a major Blaster infection of its massive 125,000 Windows workstation environment.

"This new trend means we're going to have to react faster," says Jim Kennedy, an IRS program manager. "The next time Microsoft releases a patch, we will apply that patch with a greater sense of urgency."

Not all agree the patching window is closing, or that it needs to exist at all. Rather than worrying about patches, some say the answer resides in the basic network architecture, defense-in-depth security strategies and old-fashioned vigilance.

"The final strategy is going to involve patch management at the OS level, more network defenses, network segmentation that will provide protection even when you're unaware of an exploit," says Zupan.

FOR MORE INFORMATION:

Virus alert: Sobig-F

SearchSecurity.com Ask the Experts



Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


More Tips to Secure Your Network
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts