SlideShare uma empresa Scribd logo

Real-life patch test - vulnerabilities found in one simple server in 6 months

Transferir como PPTX, PDF
Trend Micro (EMEA) Limited
Trend Micro (EMEA) Limited

Whether you patch monthly or every six months, the time and resource overhead is significant.... And are you even secure? In this real-life patch test, one of our Solution Architects put a simple virtual machine through it’s paces, with fascinating results. Understand more about typical vulnerabilities and security updates found in even the most simple of servers, learn about the typical decisions being faced by organisations trying to balance operational efficiency with security and see how you can implement same-day protection for vulnerabilities in critical systems, even without patching or during a change freeze.

TecnologiaNegócios
1 de 30
Vulnerabilities found in one server in 6 months A real-life patch test Copyright 2011 Trend Micro Inc.
Whether you patch monthly… Or every six months Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 2
Whether you patch monthly… Or every six months The time and resource overhead is significant Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 3
Whether you patch monthly… Or every six months The time and resource overhead is significant And are you even secure? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 4
One of our Solution Architects PATCH put a simple virtual machine TEST through it’s paces… with fascinating results… Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 5
26 July 2011 Simple VM built with WIN2008 R2 only… No apps, no IIS, no SQL Server This build could equally apply to a physical server Copyright 2011 Trend Micro Inc. 6
6 months later… A large number of updates are available Remember this is still only one VM running nothing more than WIN2008 R2 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 7
Look up the Knowledge Base number and find the update 6 months Now the hard later… work begins…. A large number of updates are available Remember this is still only one VM running nothing more than WIN2008 R2 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 8
Take a closer look at the updates 09 AUG 2011… 7 important updates… 13.2MB… REBOOT REQUIRED 23 AUG 2011… 1 important update… 3.6MB… NO REBOOT 13 SEP 2011… 3 important updates… 65.4MB… NO REBOOT 11 OCT 2011… 4 important updates… 34.6MB… REBOOT REQUIRED 25 OCT 2011… 1 important update… 36K… NO REBOOT 08 NOV 2011… 2 important updates… 2.4MB… REBOOT REQUIRED 13 DEC 2011… 5 important updates… 26.1MB… REBOOT REQUIRED 29 DEC 2011… 3 important updates… 14.3MB… NO REBOOT 10 JAN 2011… 5 important updates… 19.1MB… REBOOT REQUIRED Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 9
A total of 31 important security updates were announced over 6 RESULTS months, with approx. every other patch requiring a reboot Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 10
How can you reboot a mission critical system that cannot be taken offline? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 11
How can you reboot a mission critical system that cannot be taken offline? How can you reboot any system during a CHANGE FREEZE? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 12
Significant cross-referencing and assessment of each update needs to be IMPACT undertaken by a skilled administrator. What else will the update impact? What else is vulnerable? What is the impact on our risk posture? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 13
Patch detail Patch #1 Cumulative Security Update for ActiveX Killbits for Windows Server 2008 R2 x64 Edition (KB2618451) http://go.microsoft.com/fwli nk/?LinkID=232507 ms11-090 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 14
Patch detail Patch #1 PATCH #2 Cumulative Security Cumulative Security Update for ActiveX Killbits Update for Internet for Windows Server 2008 Explorer 9 for Windows R2 x64 Edition Server 2008 R2 x64 (KB2618451) Edition (KB2618444) http://go.microsoft.com/fwli http://go.microsoft.com/fwli nk/?LinkID=232507 nk/?LinkID=232505 ms11-090 ms11-099 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 15
Patch detail Patch #1 PATCH #2 PATCH #3 Security Update for Cumulative Security Cumulative Security Microsoft .NET Framework Update for ActiveX Killbits Update for Internet 3.5.1 on Windows 7 and for Windows Server 2008 Explorer 9 for Windows Server 2008 R2 SP1 for x64- R2 x64 Edition Server 2008 R2 x64 based Systems (KB2618451) Edition (KB2618444) (KB2539635) http://go.microsoft.com/fwli http://go.microsoft.com/fwli http://go.microsoft.com/fwlink nk/?LinkID=232507 nk/?LinkID=232505 /?LinkID=218325 ms11-090 ms11-099 ms11-069 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 16
Patch detail Patch #1 PATCH #2 PATCH #3 Security Update for Cumulative Security Cumulative Security Microsoft .NET Framework Update for ActiveX Killbits for Windows Server 2008 WHICH WILL Update for Internet Explorer 9 for Windows 3.5.1 on Windows 7 and Server 2008 R2 SP1 for x64- R2 x64 Edition Server 2008 R2 x64 based Systems (KB2618451) http://go.microsoft.com/fwli YOU PATCH?? Edition (KB2618444) http://go.microsoft.com/fwli (KB2539635) http://go.microsoft.com/fwlink nk/?LinkID=232507 nk/?LinkID=232505 /?LinkID=218325 ms11-090 ms11-099 ms11-069 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 17
Some hours later and all 31 security updates located and assessed 23 out of 31 patches are related to security vulnerabilities Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 18
1 VM, 1 OS, 31 patches 23 of which relate to security vulnerabilities Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 19
1 VM, 1 OS, 31 patches 23 of which relate to security vulnerabilities For a typical organisation with servers running 50 multiple operating systems and applications, this is a costly and resource intensive operation Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 20
1 VM, 1 OS, 31 patches 23 of which relate to security vulnerabilities For a typical organisation with servers running 50 multiple operating systems and applications, this is a costly and resource intensive operation Unlike the simple VM, most organisations will not be able to automatically install updates. Individual updates or batches of updates will need to be tested and deployed manually to allow for them to be backed out in case of problems during installation. Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 21
How do you balance operational efficiency with security? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 22
How do you balance operational efficiency with security? You want to install the minimum number of security patches for BASE LEVEL protection Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 23
How do you balance operational efficiency with security? You want to install the minimum number of security patches for BASE LEVEL protection But you want visibility of all security vulnerabilities? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 24
Virtual Patching: Proactively shield vulnerabilities Solution in critical systems, even without patching Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 25
Trend Micro Deep Security Virtual Patching Solution  Detects and blocks known and zero-day attacks that target vulnerabilities  Shields web application vulnerabilities  Increased visibility into, or control over, applications accessing the network  Fully integrates with VMware and provides visibility at the hypervisor level, removing the risk of attacks not being visible within virtualised environments Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 26
Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 27
On the same VM running WIN2008 R2 This screen shows results of Trend Micro Deep Security Recommendation Scan : Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 28
On the same VM running WIN2008 R2 This screen shows results of Trend Micro Deep Security Recommendation Scan : … After security updates concerning local logon, SSL protocol and kernel were discounted… …. Deep Security identified and proactively shielded 13 security updates … And then identified and shielded a further 11 security updates for which there may be no patches Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 29
Recommendations Assess the effectiveness of your patch 1 management process Calculate the cost and risk of emergency 2 patching Request a demo of Trend Micro Deep Security 3 And see how virtual patching could reduce IT resources and costs while enhancing the security and compliance of your data centre applications www.trendmicro.co.uk 01628 400552 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 30

Recomendados

December 2018 Patch Tuesday Analysis
December 2018 Patch Tuesday AnalysisDecember 2018 Patch Tuesday Analysis
December 2018 Patch Tuesday AnalysisIvanti
 
2022 February Patch Tuesday
2022 February Patch Tuesday2022 February Patch Tuesday
2022 February Patch TuesdayIvanti
 
January Patch Tuesday 2019
January Patch Tuesday 2019January Patch Tuesday 2019
January Patch Tuesday 2019Ivanti
 
Fr july2021 patchtuesday_final-atendeesslides
Fr july2021 patchtuesday_final-atendeesslidesFr july2021 patchtuesday_final-atendeesslides
Fr july2021 patchtuesday_final-atendeesslidesIvanti
 
2021 July Patch Tuesday
2021 July Patch Tuesday2021 July Patch Tuesday
2021 July Patch TuesdayIvanti
 
2021 August Patch Tuesday
2021 August Patch Tuesday2021 August Patch Tuesday
2021 August Patch TuesdayIvanti
 
French Patch Tuesday April 2021
French Patch Tuesday April 2021French Patch Tuesday April 2021
French Patch Tuesday April 2021Ivanti
 
August 2021 Patch Tuesday slides - French
August 2021 Patch Tuesday slides - FrenchAugust 2021 Patch Tuesday slides - French
August 2021 Patch Tuesday slides - FrenchIvanti
 

Recomendados

December 2018 Patch Tuesday Analysis
December 2018 Patch Tuesday AnalysisDecember 2018 Patch Tuesday Analysis
December 2018 Patch Tuesday AnalysisIvanti
 
2022 February Patch Tuesday
2022 February Patch Tuesday2022 February Patch Tuesday
2022 February Patch TuesdayIvanti
 
January Patch Tuesday 2019
January Patch Tuesday 2019January Patch Tuesday 2019
January Patch Tuesday 2019Ivanti
 
Fr july2021 patchtuesday_final-atendeesslides
Fr july2021 patchtuesday_final-atendeesslidesFr july2021 patchtuesday_final-atendeesslides
Fr july2021 patchtuesday_final-atendeesslidesIvanti
 
2021 July Patch Tuesday
2021 July Patch Tuesday2021 July Patch Tuesday
2021 July Patch TuesdayIvanti
 
2021 August Patch Tuesday
2021 August Patch Tuesday2021 August Patch Tuesday
2021 August Patch TuesdayIvanti
 
French Patch Tuesday April 2021
French Patch Tuesday April 2021French Patch Tuesday April 2021
French Patch Tuesday April 2021Ivanti
 
August 2021 Patch Tuesday slides - French
August 2021 Patch Tuesday slides - FrenchAugust 2021 Patch Tuesday slides - French
August 2021 Patch Tuesday slides - FrenchIvanti
 
2021 September Patch Tuesday
2021 September Patch Tuesday2021 September Patch Tuesday
2021 September Patch TuesdayIvanti
 
May 2021 Patch Tuesday
May 2021 Patch TuesdayMay 2021 Patch Tuesday
May 2021 Patch TuesdayIvanti
 
July 2017 Patch Tuesday - Ivanti
July 2017 Patch Tuesday - IvantiJuly 2017 Patch Tuesday - Ivanti
July 2017 Patch Tuesday - IvantiIvanti
 
Qlik view server reference manual eng
Qlik view server reference manual engQlik view server reference manual eng
Qlik view server reference manual engRaja Gopal Rao Vishnudas
 
Bruh! Do you even diff?—Diffing Microsoft Patches to Find Vulnerabilities
Bruh! Do you even diff?—Diffing Microsoft Patches to Find VulnerabilitiesBruh! Do you even diff?—Diffing Microsoft Patches to Find Vulnerabilities
Bruh! Do you even diff?—Diffing Microsoft Patches to Find VulnerabilitiesPriyanka Aash
 
April 2017 patch tuesday ivanti
April 2017 patch tuesday ivantiApril 2017 patch tuesday ivanti
April 2017 patch tuesday ivantiChris Goettl
 
January2017 patchtuesdayshavlik
January2017 patchtuesdayshavlikJanuary2017 patchtuesdayshavlik
January2017 patchtuesdayshavlikLANDESK
 
September 2017 Patch Tuesday
September 2017 Patch TuesdaySeptember 2017 Patch Tuesday
September 2017 Patch TuesdayIvanti
 
Patch Tuesday Analysis - March 2017
Patch Tuesday Analysis - March 2017Patch Tuesday Analysis - March 2017
Patch Tuesday Analysis - March 2017Ivanti
 
July Patch Tuesday 2020
July Patch Tuesday 2020July Patch Tuesday 2020
July Patch Tuesday 2020Dan Lalli
 
Thomson Reuters: Transforming the workplace with desktop virtualisation
Thomson Reuters: Transforming the workplace with desktop virtualisationThomson Reuters: Transforming the workplace with desktop virtualisation
Thomson Reuters: Transforming the workplace with desktop virtualisationTrend Micro (EMEA) Limited
 
The year that shook the world
The year that shook the worldThe year that shook the world
The year that shook the worldTrend Micro (EMEA) Limited
 
Smart, Data-Centric Security for the Post-PC Era
Smart, Data-Centric Security for the Post-PC EraSmart, Data-Centric Security for the Post-PC Era
Smart, Data-Centric Security for the Post-PC EraTrend Micro (EMEA) Limited
 
Data Centre Evolution: Securing Your Journey to the Cloud
Data Centre Evolution: Securing Your Journey to the CloudData Centre Evolution: Securing Your Journey to the Cloud
Data Centre Evolution: Securing Your Journey to the CloudTrend Micro (EMEA) Limited
 
Targeted Attacks: Have you found yours?
Targeted Attacks: Have you found yours?Targeted Attacks: Have you found yours?
Targeted Attacks: Have you found yours?Trend Micro (EMEA) Limited
 
Targeted Attacks: Have you found yours?
Targeted Attacks: Have you found yours?Targeted Attacks: Have you found yours?
Targeted Attacks: Have you found yours?Trend Micro (EMEA) Limited
 
32 Ways a Digital Marketing Consultant Can Help Grow Your Business
32 Ways a Digital Marketing Consultant Can Help Grow Your Business32 Ways a Digital Marketing Consultant Can Help Grow Your Business
32 Ways a Digital Marketing Consultant Can Help Grow Your BusinessBarry Feldman
 
2021 October Patch Tuesday
2021 October Patch Tuesday2021 October Patch Tuesday
2021 October Patch TuesdayIvanti
 
2022 March Patch Tuesday
2022 March Patch Tuesday2022 March Patch Tuesday
2022 March Patch TuesdayIvanti
 
Ivanti Patch Tuesday for March 2020
Ivanti Patch Tuesday for March 2020Ivanti Patch Tuesday for March 2020
Ivanti Patch Tuesday for March 2020Ivanti
 
January 2022 patch tuesday
January 2022 patch tuesdayJanuary 2022 patch tuesday
January 2022 patch tuesdayIvanti
 
Janvier2023PatchTuesday - Presenter slides.pptx
Janvier2023PatchTuesday - Presenter slides.pptxJanvier2023PatchTuesday - Presenter slides.pptx
Janvier2023PatchTuesday - Presenter slides.pptxIvanti
 

Mais conteúdo relacionado

Mais procurados

2021 September Patch Tuesday
2021 September Patch Tuesday2021 September Patch Tuesday
2021 September Patch TuesdayIvanti
 
May 2021 Patch Tuesday
May 2021 Patch TuesdayMay 2021 Patch Tuesday
May 2021 Patch TuesdayIvanti
 
July 2017 Patch Tuesday - Ivanti
July 2017 Patch Tuesday - IvantiJuly 2017 Patch Tuesday - Ivanti
July 2017 Patch Tuesday - IvantiIvanti
 
Bruh! Do you even diff?—Diffing Microsoft Patches to Find Vulnerabilities
Bruh! Do you even diff?—Diffing Microsoft Patches to Find VulnerabilitiesBruh! Do you even diff?—Diffing Microsoft Patches to Find Vulnerabilities
Bruh! Do you even diff?—Diffing Microsoft Patches to Find VulnerabilitiesPriyanka Aash
 
April 2017 patch tuesday ivanti
April 2017 patch tuesday ivantiApril 2017 patch tuesday ivanti
April 2017 patch tuesday ivantiChris Goettl
 
January2017 patchtuesdayshavlik
January2017 patchtuesdayshavlikJanuary2017 patchtuesdayshavlik
January2017 patchtuesdayshavlikLANDESK
 
September 2017 Patch Tuesday
September 2017 Patch TuesdaySeptember 2017 Patch Tuesday
September 2017 Patch TuesdayIvanti
 
Patch Tuesday Analysis - March 2017
Patch Tuesday Analysis - March 2017Patch Tuesday Analysis - March 2017
Patch Tuesday Analysis - March 2017Ivanti
 
July Patch Tuesday 2020
July Patch Tuesday 2020July Patch Tuesday 2020
July Patch Tuesday 2020Dan Lalli
 

Mais procurados (10)

2021 September Patch Tuesday
2021 September Patch Tuesday2021 September Patch Tuesday
2021 September Patch Tuesday
 
May 2021 Patch Tuesday
May 2021 Patch TuesdayMay 2021 Patch Tuesday
May 2021 Patch Tuesday
 
July 2017 Patch Tuesday - Ivanti
July 2017 Patch Tuesday - IvantiJuly 2017 Patch Tuesday - Ivanti
July 2017 Patch Tuesday - Ivanti
 
Qlik view server reference manual eng
Qlik view server reference manual engQlik view server reference manual eng
Qlik view server reference manual eng
 
Bruh! Do you even diff?—Diffing Microsoft Patches to Find Vulnerabilities
Bruh! Do you even diff?—Diffing Microsoft Patches to Find VulnerabilitiesBruh! Do you even diff?—Diffing Microsoft Patches to Find Vulnerabilities
Bruh! Do you even diff?—Diffing Microsoft Patches to Find Vulnerabilities
 
April 2017 patch tuesday ivanti
April 2017 patch tuesday ivantiApril 2017 patch tuesday ivanti
April 2017 patch tuesday ivanti
 
January2017 patchtuesdayshavlik
January2017 patchtuesdayshavlikJanuary2017 patchtuesdayshavlik
January2017 patchtuesdayshavlik
 
September 2017 Patch Tuesday
September 2017 Patch TuesdaySeptember 2017 Patch Tuesday
September 2017 Patch Tuesday
 
Patch Tuesday Analysis - March 2017
Patch Tuesday Analysis - March 2017Patch Tuesday Analysis - March 2017
Patch Tuesday Analysis - March 2017
 
July Patch Tuesday 2020
July Patch Tuesday 2020July Patch Tuesday 2020
July Patch Tuesday 2020
 

Destaque

Thomson Reuters: Transforming the workplace with desktop virtualisation
Thomson Reuters: Transforming the workplace with desktop virtualisationThomson Reuters: Transforming the workplace with desktop virtualisation
Thomson Reuters: Transforming the workplace with desktop virtualisationTrend Micro (EMEA) Limited
 
Smart, Data-Centric Security for the Post-PC Era
Smart, Data-Centric Security for the Post-PC EraSmart, Data-Centric Security for the Post-PC Era
Smart, Data-Centric Security for the Post-PC EraTrend Micro (EMEA) Limited
 
Data Centre Evolution: Securing Your Journey to the Cloud
Data Centre Evolution: Securing Your Journey to the CloudData Centre Evolution: Securing Your Journey to the Cloud
Data Centre Evolution: Securing Your Journey to the CloudTrend Micro (EMEA) Limited
 
32 Ways a Digital Marketing Consultant Can Help Grow Your Business
32 Ways a Digital Marketing Consultant Can Help Grow Your Business32 Ways a Digital Marketing Consultant Can Help Grow Your Business
32 Ways a Digital Marketing Consultant Can Help Grow Your BusinessBarry Feldman
 

Destaque (7)

Thomson Reuters: Transforming the workplace with desktop virtualisation
Thomson Reuters: Transforming the workplace with desktop virtualisationThomson Reuters: Transforming the workplace with desktop virtualisation
Thomson Reuters: Transforming the workplace with desktop virtualisation
 
The year that shook the world
The year that shook the worldThe year that shook the world
The year that shook the world
 
Smart, Data-Centric Security for the Post-PC Era
Smart, Data-Centric Security for the Post-PC EraSmart, Data-Centric Security for the Post-PC Era
Smart, Data-Centric Security for the Post-PC Era
 
Data Centre Evolution: Securing Your Journey to the Cloud
Data Centre Evolution: Securing Your Journey to the CloudData Centre Evolution: Securing Your Journey to the Cloud
Data Centre Evolution: Securing Your Journey to the Cloud
 
Targeted Attacks: Have you found yours?
Targeted Attacks: Have you found yours?Targeted Attacks: Have you found yours?
Targeted Attacks: Have you found yours?
 
Targeted Attacks: Have you found yours?
Targeted Attacks: Have you found yours?Targeted Attacks: Have you found yours?
Targeted Attacks: Have you found yours?
 
32 Ways a Digital Marketing Consultant Can Help Grow Your Business
32 Ways a Digital Marketing Consultant Can Help Grow Your Business32 Ways a Digital Marketing Consultant Can Help Grow Your Business
32 Ways a Digital Marketing Consultant Can Help Grow Your Business
 

Semelhante a Real-life patch test - vulnerabilities found in one simple server in 6 months

2021 October Patch Tuesday
2021 October Patch Tuesday2021 October Patch Tuesday
2021 October Patch TuesdayIvanti
 
2022 March Patch Tuesday
2022 March Patch Tuesday2022 March Patch Tuesday
2022 March Patch TuesdayIvanti
 
Ivanti Patch Tuesday for March 2020
Ivanti Patch Tuesday for March 2020Ivanti Patch Tuesday for March 2020
Ivanti Patch Tuesday for March 2020Ivanti
 
January 2022 patch tuesday
January 2022 patch tuesdayJanuary 2022 patch tuesday
January 2022 patch tuesdayIvanti
 
Janvier2023PatchTuesday - Presenter slides.pptx
Janvier2023PatchTuesday - Presenter slides.pptxJanvier2023PatchTuesday - Presenter slides.pptx
Janvier2023PatchTuesday - Presenter slides.pptxIvanti
 
2022 October Patch Tuesday
2022 October Patch Tuesday2022 October Patch Tuesday
2022 October Patch TuesdayIvanti
 
June 2023 Patch Tuesday
June 2023 Patch TuesdayJune 2023 Patch Tuesday
June 2023 Patch TuesdayIvanti
 
Analyse Patch Tuesday - juin
Analyse Patch Tuesday - juinAnalyse Patch Tuesday - juin
Analyse Patch Tuesday - juinIvanti
 
December 2021 patch tuesday
December 2021 patch tuesdayDecember 2021 patch tuesday
December 2021 patch tuesdayIvanti
 
March 2021 Patch Tuesday
March 2021 Patch TuesdayMarch 2021 Patch Tuesday
March 2021 Patch TuesdayIvanti
 
April 2021 Patch Tuesday
April 2021 Patch TuesdayApril 2021 Patch Tuesday
April 2021 Patch TuesdayIvanti
 
October Patch Tuesday Analysis 2018
October Patch Tuesday Analysis 2018October Patch Tuesday Analysis 2018
October Patch Tuesday Analysis 2018Ivanti
 
2023 January Patch Tuesday
2023 January Patch Tuesday2023 January Patch Tuesday
2023 January Patch TuesdayIvanti
 
Analyse Patch Tuesday - mai
Analyse Patch Tuesday - maiAnalyse Patch Tuesday - mai
Analyse Patch Tuesday - maiIvanti
 
Patch Tuesday for January 2020
Patch Tuesday for January 2020Patch Tuesday for January 2020
Patch Tuesday for January 2020Ivanti
 
2023 May Patch Tuesday
2023 May Patch Tuesday2023 May Patch Tuesday
2023 May Patch TuesdayIvanti
 
2022 September Patch Tuesday
2022 September Patch Tuesday2022 September Patch Tuesday
2022 September Patch TuesdayIvanti
 
Fr mar 2022 patch tuesday-presenters slides
Fr mar 2022 patch tuesday-presenters slidesFr mar 2022 patch tuesday-presenters slides
Fr mar 2022 patch tuesday-presenters slidesIvanti
 
2023 March Patch Tuesday
2023 March Patch Tuesday2023 March Patch Tuesday
2023 March Patch TuesdayIvanti
 
2023 Mars Patch Tuesday
2023 Mars Patch Tuesday2023 Mars Patch Tuesday
2023 Mars Patch TuesdayIvanti
 

Semelhante a Real-life patch test - vulnerabilities found in one simple server in 6 months (20)

2021 October Patch Tuesday
2021 October Patch Tuesday2021 October Patch Tuesday
2021 October Patch Tuesday
 
2022 March Patch Tuesday
2022 March Patch Tuesday2022 March Patch Tuesday
2022 March Patch Tuesday
 
Ivanti Patch Tuesday for March 2020
Ivanti Patch Tuesday for March 2020Ivanti Patch Tuesday for March 2020
Ivanti Patch Tuesday for March 2020
 
January 2022 patch tuesday
January 2022 patch tuesdayJanuary 2022 patch tuesday
January 2022 patch tuesday
 
Janvier2023PatchTuesday - Presenter slides.pptx
Janvier2023PatchTuesday - Presenter slides.pptxJanvier2023PatchTuesday - Presenter slides.pptx
Janvier2023PatchTuesday - Presenter slides.pptx
 
2022 October Patch Tuesday
2022 October Patch Tuesday2022 October Patch Tuesday
2022 October Patch Tuesday
 
June 2023 Patch Tuesday
June 2023 Patch TuesdayJune 2023 Patch Tuesday
June 2023 Patch Tuesday
 
Analyse Patch Tuesday - juin
Analyse Patch Tuesday - juinAnalyse Patch Tuesday - juin
Analyse Patch Tuesday - juin
 
December 2021 patch tuesday
December 2021 patch tuesdayDecember 2021 patch tuesday
December 2021 patch tuesday
 
March 2021 Patch Tuesday
March 2021 Patch TuesdayMarch 2021 Patch Tuesday
March 2021 Patch Tuesday
 
April 2021 Patch Tuesday
April 2021 Patch TuesdayApril 2021 Patch Tuesday
April 2021 Patch Tuesday
 
October Patch Tuesday Analysis 2018
October Patch Tuesday Analysis 2018October Patch Tuesday Analysis 2018
October Patch Tuesday Analysis 2018
 
2023 January Patch Tuesday
2023 January Patch Tuesday2023 January Patch Tuesday
2023 January Patch Tuesday
 
Analyse Patch Tuesday - mai
Analyse Patch Tuesday - maiAnalyse Patch Tuesday - mai
Analyse Patch Tuesday - mai
 
Patch Tuesday for January 2020
Patch Tuesday for January 2020Patch Tuesday for January 2020
Patch Tuesday for January 2020
 
2023 May Patch Tuesday
2023 May Patch Tuesday2023 May Patch Tuesday
2023 May Patch Tuesday
 
2022 September Patch Tuesday
2022 September Patch Tuesday2022 September Patch Tuesday
2022 September Patch Tuesday
 
Fr mar 2022 patch tuesday-presenters slides
Fr mar 2022 patch tuesday-presenters slidesFr mar 2022 patch tuesday-presenters slides
Fr mar 2022 patch tuesday-presenters slides
 
2023 March Patch Tuesday
2023 March Patch Tuesday2023 March Patch Tuesday
2023 March Patch Tuesday
 
2023 Mars Patch Tuesday
2023 Mars Patch Tuesday2023 Mars Patch Tuesday
2023 Mars Patch Tuesday
 

Último

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 

Último (20)

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 

Real-life patch test - vulnerabilities found in one simple server in 6 months

  • 1. Vulnerabilities found in one server in 6 months A real-life patch test Copyright 2011 Trend Micro Inc.
  • 2. Whether you patch monthly… Or every six months Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 2
  • 3. Whether you patch monthly… Or every six months The time and resource overhead is significant Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 3
  • 4. Whether you patch monthly… Or every six months The time and resource overhead is significant And are you even secure? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 4
  • 5. One of our Solution Architects PATCH put a simple virtual machine TEST through it’s paces… with fascinating results… Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 5
  • 6. 26 July 2011 Simple VM built with WIN2008 R2 only… No apps, no IIS, no SQL Server This build could equally apply to a physical server Copyright 2011 Trend Micro Inc. 6
  • 7. 6 months later… A large number of updates are available Remember this is still only one VM running nothing more than WIN2008 R2 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 7
  • 8. Look up the Knowledge Base number and find the update 6 months Now the hard later… work begins…. A large number of updates are available Remember this is still only one VM running nothing more than WIN2008 R2 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 8
  • 9. Take a closer look at the updates 09 AUG 2011… 7 important updates… 13.2MB… REBOOT REQUIRED 23 AUG 2011… 1 important update… 3.6MB… NO REBOOT 13 SEP 2011… 3 important updates… 65.4MB… NO REBOOT 11 OCT 2011… 4 important updates… 34.6MB… REBOOT REQUIRED 25 OCT 2011… 1 important update… 36K… NO REBOOT 08 NOV 2011… 2 important updates… 2.4MB… REBOOT REQUIRED 13 DEC 2011… 5 important updates… 26.1MB… REBOOT REQUIRED 29 DEC 2011… 3 important updates… 14.3MB… NO REBOOT 10 JAN 2011… 5 important updates… 19.1MB… REBOOT REQUIRED Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 9
  • 10. A total of 31 important security updates were announced over 6 RESULTS months, with approx. every other patch requiring a reboot Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 10
  • 11. How can you reboot a mission critical system that cannot be taken offline? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 11
  • 12. How can you reboot a mission critical system that cannot be taken offline? How can you reboot any system during a CHANGE FREEZE? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 12
  • 13. Significant cross-referencing and assessment of each update needs to be IMPACT undertaken by a skilled administrator. What else will the update impact? What else is vulnerable? What is the impact on our risk posture? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 13
  • 14. Patch detail Patch #1 Cumulative Security Update for ActiveX Killbits for Windows Server 2008 R2 x64 Edition (KB2618451) http://go.microsoft.com/fwli nk/?LinkID=232507 ms11-090 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 14
  • 15. Patch detail Patch #1 PATCH #2 Cumulative Security Cumulative Security Update for ActiveX Killbits Update for Internet for Windows Server 2008 Explorer 9 for Windows R2 x64 Edition Server 2008 R2 x64 (KB2618451) Edition (KB2618444) http://go.microsoft.com/fwli http://go.microsoft.com/fwli nk/?LinkID=232507 nk/?LinkID=232505 ms11-090 ms11-099 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 15
  • 16. Patch detail Patch #1 PATCH #2 PATCH #3 Security Update for Cumulative Security Cumulative Security Microsoft .NET Framework Update for ActiveX Killbits Update for Internet 3.5.1 on Windows 7 and for Windows Server 2008 Explorer 9 for Windows Server 2008 R2 SP1 for x64- R2 x64 Edition Server 2008 R2 x64 based Systems (KB2618451) Edition (KB2618444) (KB2539635) http://go.microsoft.com/fwli http://go.microsoft.com/fwli http://go.microsoft.com/fwlink nk/?LinkID=232507 nk/?LinkID=232505 /?LinkID=218325 ms11-090 ms11-099 ms11-069 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 16
  • 17. Patch detail Patch #1 PATCH #2 PATCH #3 Security Update for Cumulative Security Cumulative Security Microsoft .NET Framework Update for ActiveX Killbits for Windows Server 2008 WHICH WILL Update for Internet Explorer 9 for Windows 3.5.1 on Windows 7 and Server 2008 R2 SP1 for x64- R2 x64 Edition Server 2008 R2 x64 based Systems (KB2618451) http://go.microsoft.com/fwli YOU PATCH?? Edition (KB2618444) http://go.microsoft.com/fwli (KB2539635) http://go.microsoft.com/fwlink nk/?LinkID=232507 nk/?LinkID=232505 /?LinkID=218325 ms11-090 ms11-099 ms11-069 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 17
  • 18. Some hours later and all 31 security updates located and assessed 23 out of 31 patches are related to security vulnerabilities Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 18
  • 19. 1 VM, 1 OS, 31 patches 23 of which relate to security vulnerabilities Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 19
  • 20. 1 VM, 1 OS, 31 patches 23 of which relate to security vulnerabilities For a typical organisation with servers running 50 multiple operating systems and applications, this is a costly and resource intensive operation Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 20
  • 21. 1 VM, 1 OS, 31 patches 23 of which relate to security vulnerabilities For a typical organisation with servers running 50 multiple operating systems and applications, this is a costly and resource intensive operation Unlike the simple VM, most organisations will not be able to automatically install updates. Individual updates or batches of updates will need to be tested and deployed manually to allow for them to be backed out in case of problems during installation. Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 21
  • 22. How do you balance operational efficiency with security? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 22
  • 23. How do you balance operational efficiency with security? You want to install the minimum number of security patches for BASE LEVEL protection Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 23
  • 24. How do you balance operational efficiency with security? You want to install the minimum number of security patches for BASE LEVEL protection But you want visibility of all security vulnerabilities? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 24
  • 25. Virtual Patching: Proactively shield vulnerabilities Solution in critical systems, even without patching Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 25
  • 26. Trend Micro Deep Security Virtual Patching Solution  Detects and blocks known and zero-day attacks that target vulnerabilities  Shields web application vulnerabilities  Increased visibility into, or control over, applications accessing the network  Fully integrates with VMware and provides visibility at the hypervisor level, removing the risk of attacks not being visible within virtualised environments Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 26
  • 27. Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 27
  • 28. On the same VM running WIN2008 R2 This screen shows results of Trend Micro Deep Security Recommendation Scan : Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 28
  • 29. On the same VM running WIN2008 R2 This screen shows results of Trend Micro Deep Security Recommendation Scan : … After security updates concerning local logon, SSL protocol and kernel were discounted… …. Deep Security identified and proactively shielded 13 security updates … And then identified and shielded a further 11 security updates for which there may be no patches Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 29
  • 30. Recommendations Assess the effectiveness of your patch 1 management process Calculate the cost and risk of emergency 2 patching Request a demo of Trend Micro Deep Security 3 And see how virtual patching could reduce IT resources and costs while enhancing the security and compliance of your data centre applications www.trendmicro.co.uk 01628 400552 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 30