It used to be that patching was synonymous with updating Windows and to a lesser degree, Office. Microsoft has since implemented what is now a routine standard for vulnerability response and, following the course of least resistance, the bad guys have intensified their efforts on a much wider array of software – especially popular products like Acrobat and Flash from Adobe and iTunes from Apple. Or what about system agents from hardware vendors? Then there’s a new layer of software – hypervisors like ESXi and the security critical management applications that control them like vCenter.
That’s not to say Microsoft patches are a thing of the past – hardly – we are on track for 90 Microsoft security patches by the end of the year. But while Microsoft follows a predictable monthly patch schedule many other companies don’t. In addition patching can be much more complicated with some products. Take Flash for instance. It’s common for one PC to have multiple versions of Flash installed and each version usually needs to be patched against a given vulnerability. That’s just one example of the many pitfalls you encounter in the new world of patching beyond Windows.
But “beyond Windows patching” also means other operating systems like Linux, UNIX and Apple operating systems as well as the applications that run on them. Many companies find themselves using multiple platform specific patch management utilities like Windows Server Update Services (WSUS) from Microsoft, RedHat’s patch utilities, VMWare’s Update Manager, ad infinitum each of which may work well enough for each individual platform but 3 significant gaps remain:
1. Patching 3rd party applications that lack enterprise patch management utilities
2. Ability to exert organization-wide control over patch policy and being able to demonstrate that to auditors and regulators
3. The care and feeding required to run and maintain each platform and vendor specific patch management utility
In this webinar, I will delve into the issues and discuss how organizations can deal with them. For example, I will show why – even if various teams within IT are responsible to patch the systems for they are responsible – each organization should have a centralized patch tracking team that keeps track of each hardware and software vendor in use at the company and subscribes to their respective security bulleting services.
My sponsor for this webinar is Lumension and they will briefly demonstrate their heterogeneous patch management solution that provides centralized patch management for multiple platforms and many, many 3rd party applications.
This is real training for free (TM); don’t miss it!