
Have Unpatched Systems Become the Biggest Security Liability?

May 26, 2021 | November 11th, 2022

Breaches caused by unpatched systems are becoming more common. This is often due to patch overwhelm, and attackers are taking full advantage.

Breaches due to unpatched systems are big news these days. Six weeks after Microsoft issued a patch for Exchange Server, almost 10% of enterprises had yet to install the patch – and hackers are taking advantage.

Vulnerabilities with even older patches are also being heavily exploited. The flaw fixed by a 2019 patch from Fortinet for FortiGate VPN servers continues to be a hot ticket for ransomware attacks. It seems there is no end to the number of ignored security patches wreaking havoc in enterprise IT.

Patch Overwhelm

How could it be that such obvious gaping holes are left unattended? Apart from negligence, one reason could be patch overwhelm. In the past week or so, three of the largest players in IT issued a slew of new patches.

Microsoft found a total of five zero-day vulnerabilities in one week. The patches that followed fixed 110 vulnerabilities, with as many as 19 classified as critical. Another 88 of the vulnerabilities were classified as important. These impacted a number of platforms including the Edge browser, Azure, Azure DevOps Server, Microsoft Office, SharePoint Server, Hyper-V, Team Foundation Server, Visual Studio, and Exchange Server. Perhaps the most critical flaw disclosed is a Win32k elevation-of-privilege vulnerability that enables an attacker to escape sandboxes and gain system privileges. Meanwhile, the National Security Agency issued an alert about four more critical Exchange Server vulnerabilities.

Not to be outdone, Adobe provided patches for 10 security bugs, seven of which were considered critical. Google, too, just released the latest version of its Chrome browser. It contained seven security fixes, including one for a zero-day vulnerability.

Addressing Patch Overwhelm with Automation

Faced with this barrage of patches and updates (there are many more from a great many other sources), it is easy to see how IT could get behind. Patch backlogs can easily build up. IT may even be tempted to discount the urgency of critical patches when announcements keep arriving yet no apparent damage results. It sometimes takes a serious security breach before the importance of patching is understood.

By then, however, it’s too late. What is needed is a renewed emphasis on patch diligence and patch velocity. In many cases, that requires a complete overhaul of security and patching processes.

The time-worn habit of testing every patch and then installing each one manually is no longer workable. It is a rare organization that can note the presence of a new critical patch, review it, test it, and deploy it in a timely manner. Most organizations take several days to do this. Some take weeks. And as the Fortinet VPN and Microsoft Exchange Server exploits show, some never get around to it.

IT Automation with Syxsense

The best way to deal with this new era of patching volume is to automate the process. Trouble is inevitable unless the organization can provide an abundance of trained staff who meticulously review every patch announcement from every vendor, test the patches, and issue them immediately to all endpoints. The best approach is to outsource the function to a trusted vendor – one that has the manpower to corral all patches the moment they are issued, verify their authenticity, test them, and issue them.

Syxsense reviews, verifies, tests, and issues all patches within three hours of issuance. Its software can automatically deploy those patches to all users and devices. It also contains a patch rollback function for the rare instances when a problem arises due to a new patch. This represents the most efficient way to deal with the onslaught of new patches. It also frees up IT and security personnel to take care of other urgent areas of security for the enterprise.
