Patching the Microsoft OS Moves to Orange: How to Do the Process Right

Share Article

On August 9 the US Department of Homeland Security issued a warning to draw attention to Microsoft security patch MS06-040. This unusual notice highlights the volume of patches and the difficulties organizations encounter keeping their environments under control. Significant improvement in security processes and subsequent reduction in risk are can be mined from IT asset management processes and tools.

On August 9 the US Department of Homeland Security issued the following warning: “The Department of Homeland Security (DHS) is recommending that Windows Operating Systems users apply Microsoft security patch MS06-040 as quickly as possible. This security patch is designed to protect against a vulnerability that, if exploited, could enable an attacker to remotely take control of an affected system and install programs, view, change, or delete data, and create new accounts with full user rights.”

This announcement underscores the importance of full knowledge of the corporate network and controlling the assets involved. “Organizations use automated patch tools to update servers and think that their patch process is complete,” stated Walter Szablowski, President of Eracent, Inc. “This misconception creates a vulnerability within the security processes that leaves the door open for problems to occur.”

Most security processes do not include an audit of the patch distribution. “The IT asset management team should be tasked with confirming the successful distribution of the patch and the identification of the complete target audience,” Szablowski explained. “Using ITAM tools to audit the environment and the distribution uncovers any problems and has the added advantage of providing an external control to the process.”

Eracent’s EnterpriseAM™ tightens the security by working in cooperation with SMS™ so that monitoring and auditing the patch process is immediate and thorough. The product also uses extensive detection techniques to uncover the assets of all types that may access the network and thus create vulnerability. “With the dynamics of today’s organization and the constant overload on technical staff, I assure you that there are devices attached to your network that you think you retired months ago.”

Keeping up with the volume of OS patches alone is challenging. According to an article published in Computerworld Microsoft’s security response center is advising customers to give this update priority. Quoting Christopher Budd, a security program manager at Microsoft's security response center in the article, Budd stated "The top thing that we're trying to help people understand is we want them to take 06-040 and put it at the top of the stack." The image of stacks of patches highlights the amount of work that security officers are wading through to shut down vulnerabilities in the environment. Spending cycles confirming the inventory and full discovery of the network is a task best suited to the IT asset management tools and collaboration with the ITAM team is a necessity, not a luxury.

The official DHS press release makes specific recommendations to protect against vulnerabilities including keeping up-to-date on the front-line defenses of security patches, fixes, anti-virus software, anti-spy ware software and firewalls. Email procedures where emails from unknown sources or unexpected attachments are not opened are also identified. To make these efforts really work, Eracent recommends the following enhancements to security processes:

  •     Maintain an accurate inventory of all hardware that represents a possible risk, including all types of assets
  •     Discover software details at the patch level so that it can be compared to patch distribution results
  •     Require accurate software contractual information so that security obtains all appropriate live updates
  •     Develop an audit process for the automated patch management systems
  •     Require ITAM discovery to work cooperatively with SMS
  •     Acquire ITAM reporting capabilities that answer ad-hoc risk-related questions
  •     Apply processes to servers and desktops alike

About Eracent: Eracent, Inc. is a global provider of IT asset management solutions for organizations who require accuracy and accountability for their asset inventory while maximizing their IT investment. Eracent offers a full suite of IT asset management solutions that solve tactical and strategic business goals with technology that is easy to use and designed for today’s multi-platform complex environments. Eracent’s ease of implementation includes compatibility with most popular enterprise software applications and has been used to enhance the value of such widely used solutions as Microsoft® SMS™ (MSFT), IBM® Tivoli™ (IBM) and Altiris® Software Delivery Solution™ (ATRS). To learn more about Eracent, visit http://www.eracent.com, or send email.

All product names are the trademarks or registered trademarks of their respective owners.

###

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Ed Cartier
Visit website