Part 7 of 9 - Patching

How To Secure Your SMB Network – Part 7 of 9 – Patching

Philip Banks Security Leave a Comment

Welcome to How To Secure Your SMB Network! This is part 7 of an 9 part series that discusses our approach to Network Security and how we secure client networks. As you will see there are many facets that go into creating a secure network. Think of it as puzzle with each piece playing an important role. The days of installing Norton Anti-Virus on your computer and thinking you are safe are over.

What Is Patching

Patching is the process of approving and installing updates to the software and operating system installed on your computer. The term “Patching” is normally used when addressing a security risk. “Updates” normally refer to an improvement or an upgrade in a software package. Security Firms, Hackers, Software Companies, and Hobbyists are constantly finding defects and exploits in software. When these vulnerabilities are identified and made known to the software companies, the software company should quickly release a patch to resolve the vulnerability. For example, Adobe Flash is one of the most exploited applications of all time. When a new exploit is identified, Adobe will release a patch to resolve the threat. . Your computer is considered vulnerable until you install the latest Adobe Flash patch.

How Does Patching Work

The most well-known system of patching and updating is Windows Updates. Newer versions of Windows are configured, by default, to automatically download and install new updates. Your computer will silently download the latest updates in the background. You will likely never know this happening. Updates and Patches are then installed at restart or on a previously set schedule.

On small business networks, there will normally be software installed on each computer that will control the approval and installation of patches and updates. Your IT Administrator should have a system in place for reviewing, approving, testing, and deploying updates to your network.

What is Patch Tuesday

The term Patch Tuesday refers to when Microsoft releases new updates and patches. This is normally done on the second Tuesday of the month (Occasionally there will be another release on the fourth Tuesday of the month). When an exploit becomes widely known or quickly becomes widespread in between Patch Tuesday cycles, Microsoft will make an exception and release patches immediately to address very specific vulnerabilities. Patch Tuesday has, unfortunately, led to Exploit Wednesday. Exploit Wednesday is when unpatched machines are most at risk, because the release of a patch gives details on the vulnerability that it addresses. It is also is a day when vulnerabilities in the newly released patches can be found.

Recent Changes To The Microsoft Patching Process

Starting with Windows 10, Microsoft began releasing monthly patch roll-ups. Instead of several patches and updates, everything is now rolled into one monthly patch package. Microsoft has now expanded this same model to Windows 7, 8, 8.1 along with Server 2008 and Server 2012. This will help with the massive (and growing) quantity of updates that must be installed on new installations. However, it will prevent IT Admins from selectively installing (or not) certain non-critical updates.

You may remember before Windows 10 came out, Microsoft Installed an update that would notify nag you to upgrade to Windows 10. IT Admins across the world quickly blocked this update from installing on their systems. With Microsoft’s new model this would not be an option. For those wishing to only install security updates, Microsoft will offer a monthly Security Only roll-up. However, it is only available through the enterprise channels (WSUS, SCCM, etc), not through Windows Update.

How To Secure Your SMB Network – E-Book

This is the seventh part of a nine part series that details How To Secure Your SMB Network. Every Wednesday we will post a new section that gives details and examples on how Banks Technology Services secures out client’s networks. We have compiled all of this information into into an EBook which you can download for free. The E-Book contains additional information, real world examples, and is updated as new technology emerges. To receive your FREE copy, head on over to the How To Secure Your SMB Network page.

How to Secure Your SMB Network – Part 1, Part 2, Part 3, Part 4, Part 5, Part 6, Part 7, Part 8, Part 9.
Philip BanksHow To Secure Your SMB Network – Part 7 of 9 – Patching

Leave a Reply

Your email address will not be published. Required fields are marked *