Report says firms must rethink patching strategy
With two billion users now accessing the internet, even a small success rate of attacks on endpoints translates to huge numbers of compromised systems.
This situation is not lost on today's cybercriminals, who are using automated means to bypass legacy perimeter defenses and continually outwit any system put in place to stop them.
However, according to a new study, "The Secunia Half Year Report 2011," released on Thursday by Secunia, a Copenhagen-based provider of IT security solutions, a patching strategy can reduce vulnerability risks by as much as 80 percent.
The opportunities are increasing for attackers as the number of endpoints exponentially rises, the report says. Exacerbating the situation is the fact that endpoints are difficult to secure since they host numerous programs and plug-ins, and are engaged in countless ways by users.
The variety of patching programs can be daunting to those charged with protecting network systems. In its testing, Secunia found that to fully patch a typical endpoint, an administrator would have to be fluent in 14 different update programs.
For an organization with 1,000 programs that patches all of its Windows components misses 77.5 percent of vulnerabilities, Secunia found. That's because third-party applications are responsible for 69 percent of flaws on a typical endpoint machine.
So how can organizations protect a moving target? Not so easily, the report says. Maintaining patches for the variety of operating systems and software in a typical enterprise is a drain on operations personnel and budgets. Further, pinpointing which vulnerabilities are the most critical is an ever-moving reality as targets popular one year can lose attention the next, the report says.
What it boils down to is a strategy that achieves the greatest reduction in risk for the effort expended in security resources.
Effective remediation means, identifying the "right" programs to patch, Stefan Frei, research analyst director of Secunia, told SCMagazineUS.com on Thursday.
Testing patching strategies against a bed of 200 programs by both market share and by criticality of vulnerabilities, Secunia determined that patching the most critical programs remediated 71 percent of total risk, while patching the most popular programs offset just 31 percent of the risk.
A separate report from Avast Software, released on Wednesday, echoes Secunia's findings regarding unpatched systems. In a poll of users of its anti-virus solution, Avast found that more than 60 percent of those using Adobe Reader were putting their systems at risk of malware attack by running unpatched versions of the program. Also, one out of every five users was found to be using an unpatched version of Reader that was at least two generations old.
Despite regular patch releases, Adobe's widely used PDF reader has been a popular launch vehicle for miscreant coders, who use the application to embed malware exploits and payloads to take control of an affected system.