11.6 Patch Management

Patches and Hotfixes

  • A hotfix is an update that fixes a specific customer issue and is not always distributed outside the customer organization.
  • A patch is a small piece of software designed to fix problems, security vulnerabilities, and bugs and improve the performance of a computer program or its supporting data.
  • Users may be notified through emails or through the vendor's website.
  • A patch can be considered as a repair job to a programming problem.
  • Hotfixes are sometimes packaged as a set of fixes called a combined hotfix or service pack.

What is Patch Management?

  • "Patch management is a process used to ensure that the appropriate patches are installed on a system and help fix known vulnerabilities"
  • An automated patch management process:
    • Detect: Use tools to detect missing security patches.
    • Assess: Assess the issue(s) and their associated severity by mitigating the factors that may influence the decision.
    • Acquire: Download the patch for testing.
    • Test: Install the patch first on a testing machine to verify the consequences of the update.
    • Deploy: Deploy the patch to the computers and make sure the applications are not affected.
    • Maintain: Subscribe to get notifications about vulnerabilities as they are reported.

Identifying Appropriate Sources for Updates and Patches

  1. First make a patch management plan that fits the operational environment and business objectives.
  2. Find appropriate updates and patches on the home sites of the applications or operating systems' vendors.
  3. The recommended way of tracking issues relevant to proactive patching is to register with the home sites to receive alerts.

Installation of a Patch

  • Users can access and install security patches via the World Wide Web.
  • Patches can be installed in two ways:
    • Manual Installation: In this method, the user has to download the patch from the vendor and install it.
    • Automatic Installation: In this method, the applications use the Auto Update feature to update themselves.

Implementation and Verification of a Security Patch or Upgrade

  1. Before installing any patch, verify the source.
  2. Use a proper patch management program to validate file versions and checksums before deploying security patches.
  3. The patch management tool must be able to monitor the patched systems.
  4. The patch management team should check for updates and patches regularly.
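
The version and checksum validation in step 2, sketched as a pre-deployment gate. This is an added example, not part of the original notes. The manifest layout (`sha256  version  filename`), the file names and the function names are hypothetical, and the manifest is assumed to have been obtained from the vendor over a trusted channel, since a checksum only proves the file matches the manifest.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

def sha256_file(path, chunk_size=1 << 20):
    """Stream the file so large patch packages are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def parse_manifest(text):
    """Parse 'sha256  version  filename' lines (hypothetical format)."""
    entries = {}
    for line in text.splitlines():
        if line.strip() and not line.lstrip().startswith("#"):
            checksum, version, name = line.split(None, 2)
            entries[name.strip()] = (checksum.lower(), version)
    return entries

def validate_patch(path, claimed_version, manifest):
    """Return (ok, reason); a package is deployable only when ok is True."""
    entry = manifest.get(Path(path).name)
    if entry is None:
        return False, "not listed in manifest"
    if claimed_version != entry[1]:
        return False, "version mismatch"
    if not hmac.compare_digest(sha256_file(path), entry[0]):
        return False, "checksum mismatch"
    return True, "verified"

def demo():
    """Constructed sample: a matching package, an altered one, a wrong version."""
    with tempfile.TemporaryDirectory() as tmp:
        good = Path(tmp, "app-1.2.3-patch.bin")
        bad = Path(tmp, "app-1.2.4-patch.bin")
        good.write_bytes(b"constructed patch payload A")
        bad.write_bytes(b"constructed patch payload B")
        manifest = parse_manifest(
            "# sha256  version  filename\n"
            f"{sha256_file(good)}  1.2.3  {good.name}\n"
            f"{'0' * 64}  1.2.4  {bad.name}\n")
        return [validate_patch(good, "1.2.3", manifest),
                validate_patch(bad, "1.2.4", manifest),
                validate_patch(good, "1.2.2", manifest)]

if __name__ == "__main__":
    print(demo())
```

A package that is missing from the manifest is rejected before it is ever opened, so an unlisted file cannot slip through on a hash match alone.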

Patch Management Tool: Microsoft Baseline Security Analyzer (MBSA)

  • Microsoft Baseline Security Analyzer (MBSA) checks for available updates to the operating system, Microsoft Data Access Components (MDAC), MSXML (Microsoft XML Parser), .NET Framework, and SQL Server.
  • It also scans a computer for insecure configuration settings.

Q1) Which of these is a patch management and security utility?

  1. MBSA
  2. BSSA
  3. ASNB
  4. PMUS

A1) Microsoft Baseline Security Analyzer is a patch management utility built into Windows for analyzing security.
