THE RISKS OF ‘NOT’ PATCHING…

Presentation transcript:

THE RISKS OF ‘NOT’ PATCHING… WWW.SBSDIVA.COM
The risks of Patching…

Who am I?
- Patchaholic
- SBS MVP
- Security MVP
- Been ‘patchin’ SBS’s since SBS 4.0
- Used to squint when rebooting

So… what are the first questions to ask?
- What tool?
- What patch engine?
- What will break what?
- Tool isn’t important
- Process

What is a patch?
- Bug
- Flaw
- Something that needs fixing
- Patch = Security patch

Why ‘should’ we patch?
- Worst case scenario
- Fixing an issue where attacker from remote can hurt
- Code Execution
- Take control of system

Understanding the risks of patching
- Worst case – Line of business stuff breaks
- Best case – everything works
- Typical patch month for your networks
- What’s broken in the past for you?

What if you don’t patch?
- What’s the worst thing that happens?
- Well…

Risks in an SBS network
- Server?
- Ports open?
- WORKSTATIONS
- Local administrator
- Download anything?
- Free stuff?

History of risks in SBSland
- Code Red
- Nimda
- Nail the server
- Today?
- Keep the system working
- Borrow the bandwidth

Greatest risks?
- Review your networks
- Desktops
- If you nail the server?
- If you nail a workstation?
- How expendable?

How to determine what/when?
- Read the bulletin
- What’s the riskiest?
- Read the criticality
- From remote?
- Mere surfing?

Win2k3 / XP SP2
- Typical threats come from authenticated connections
- Lesser risks to these platforms
- A/V
- Spyware
- Safe surfing
- IE 7 coming out soon

Windows 2000
- Risks from anonymous connections
- From remote
- Coded up exploits typically work

Window to patch
- Patch comes out at 10:00 a.m. – 11:00 a.m. Pacific
- Reverse engineer the patch to see what it’s fixing
- Determine issue
- Code vulnerability
- Typically within 20 minutes or so vulnerability is identified

Zero Days
- Vulnerability is out
- Used to exploit/to harm
- No patch
- But does that mean we are unprotected?

Window to patch
- Can it be automated?
- Can it be “wormable”?
- What’s “Metasploit”?

Recent issues
- Focusing more on workstations
- Focusing more on applications
- Less on servers

When to patch?
- Do we have to do servers as soon as possible?
- Where’s our biggest risk of patching?
- What’s hurt in the past?
- Build an “ouch” database for your clients’ applications

When to patch?
- If we’ve mitigated already?
- Why do we need to patch now?
- Mitigate, patch later?

Now that we will patch
- Will it hurt?
- Check the caveat section
- Review the community
- Google on the KB number
- Review the Windows update newsgroup
- www.patchmanagement.org
- “Are you seeing?”

How/what to test?
- Microsoft performs patch testing
- Don’t test the “basics”
- Identify the clients’ key applications
- Identify a “patch canary”

Patch gets approved
- Tested on one workstation
- Done your research?
- NOW deploy

Deploy with?
- WSUS
- SBS 2003 r2
- Shavlik
- Patchlink
- Other?

…but what about non-MS?
- Adobe
- Flash
- Firefox
- Sun Java
- Even your antivirus

Tuesday’s patches…
- To come…