Patching is Hard; Procrastinating is Dangerous

A week after Fortinet announced a patch for a zero-day, there are still thousands of systems worldwide vulnerable. A week ago Shadowserver identified 52,000 networks at risk. Now that is down to 48,000 and change.

In other words, not much patching is going on even though the media has been sounding the alarm all week.

This Fortinet bug is being actively exploited according to Fortinet.

When the attackers break in, they steal credentials and use them to wander through your network WITH ADMIN CREDENTIALS.

But this is more than Fortinet.

First, you need to have a good system to track missing patches (self serving plug here: we have a very cost effective one if you need one).

Second, you need to figure out how to deploy those patches while minimizing the impact to your users.

Finally, when it comes to infrastructure like firewalls and servers, downtime is particularly challenging in some cases.

This is a much bigger problem than patching Windows and Office. **ALL** of your applications need to be patched. That means that you need to understand what applications are installed, especially when users have the ability to install programs.

Depending on the hacker, they may remain very quiet not giving you much indication that they are there. Until, that is, when all hell breaks loose. That usually comes after they steal all of your data and then encrypt your systems.

If you need help with your patch management program, please contact us.

Credit: The Register

by