Microsoft Patch Tuesday

On the second Tuesday of each month since 2003, Microsoft has released security-related updates to Windows (desktop and server), Office, and related products. Updates and patches aren’t released only on that schedule: sometimes there are ‘Out-Of-Band (OOB)’ updates for actively exploitable vulnerabilities.

Where To Find Updates

Every security update issued by Microsoft comes with a summary published by the Microsoft Security Response Center (MSRC) at approximately the same time the updates are released. Oftentimes you will see the Common Vulnerabilities and Exposures (CVE) number associated with the security gap, which you can easily search for on Google to find more information.

CVE entries are brief; they don’t include technical data or information about potential impacts or the fixes themselves. Those details appear in other databases, including the U.S. National Vulnerability Database (NVD), the CERT/CC Vulnerability Notes Database, and additional lists controlled by the vendor in question or other cybersecurity organizations. Across these different systems, CVE IDs give users a reliable way to identify unique security flaws in a repeatable fashion.

A related standard for ranking the criticality of a CVE is found in the Common Vulnerability Scoring System (CVSS), a set of open standards for assigning a number to a vulnerability to assess its severity. CVSS scores are listed in CVE, NVD, and CERT advisories. Scores range from 0.0 to 10.0, with higher numbers representing a higher degree of severity of the vulnerability. Many security vendors have created their own scoring systems, as well. Below is the official rating system published by Microsoft: 

What’s The Best Practice Regarding Patch Tuesday?

Every SMB should have a process for handling critical vulnerability alerts in order to quickly assess risk and make important, time-sensitive decisions about how to react. With a Vulnerability Alert Management Process (VAMP) in place, you have a clear guide to when to jump and how high to jump for a given vulnerability or exposure.

In order to stay up to date at all times, it’s important to deploy a cloud-based patch management solution to automatically update software whenever and wherever necessary. Most Managed Service Providers leverage one of the big three Remote Monitoring and Management (RMM) solutions (ConnectWise, Datto, and Kaseya) for patching their managed systems. These RMM solutions also provide monitoring and remote access, in addition to tested and validated patching services, to their clients.

Standalone patch management solutions for companies not using the above-mentioned RMM solutions include ManageEngine and Automox.

SMB Protections Beyond Patch Management

In addition to adopting a patch management system, CyberHoot recommends the following best practices to protect individuals and businesses against, and limit damages from, online cyber attacks:
