Patch Management Is Essential -- Jeff Patterson

Patch Management Is Essential
by Jeff Patterson, MCSE, MCDBA, CDIA+, BOL Guru

During a recent information systems audit of an Oklahoma small business, several disturbing trends came to light. Firewall and security logs showed that this business was the subject of an active hacking attempt every 48 hours. Automated port scans were being run against the business every 20 minutes looking for ways in. And an average of 100 virus programs sent as spam or from unprotected clients was arriving every 45 seconds. This is an increase of over 1,000% in the last year.

Fortunately, this small business has an aggressive firewall and patch management policy and nothing ever made it into the network to affect normal business operations. Hackers and virus programs rely on open firewalls and unpatched systems in order to access critical information, wreak havoc and spread.

Do all of your information systems have the latest patches installed to provide the highest level of protection? Microsoft typically releases patches the second Tuesday of every month. The August, 2005 updates from Microsoft include critical updates for Internet Explorer and several behind the scenes services, including the telephony service, printing, remote desktop, and the Kerberos security service. Vulnerabilities were found in all of these services that could allow an attacker to remotely execute code in order to access critical data or launch a denial of service attack. Other vendors such as Sun, Oracle, Cisco, and IBM release patches at various times and should be queried for the status of available updates.

To make patching software easier, Microsoft has recently released the Microsoft Update Service and Windows Server Update Services. Microsoft Update will eventually replace Windows Update and allows a single place to go for updates to Windows, Microsoft Office, Microsoft Exchange and Microsoft SQL Server. For corporate networks, the Windows Server Update Service is a free download that will allow an IT Administrator to apply patches across all systems in the network from a central location. Windows Server Update Service replaces the older Microsoft Software Update Service and includes automating the patching process for Office, Exchange and SQL Server in addition to Windows.

Larger enterprises should investigate commercial patch management solutions such as Microsoft's System Management Server, Patchlink's Update, or Symantec's LiveState Patch Manager.

Your computers are not the only information system vulnerable to attack and in need of patch management. Review your patch management policy to insure it also includes your network hardware such as routers and firewalls. Handheld devices such as Palm computers, Blackberries, modern mobile phones (especially phones with Bluetooth technology) and even iPods should also be included in your patch management policy.

To find out more about the latest Microsoft Security Updates visit: