Report says firms must rethink patching strategy

With two billion users now accessing the internet, even a small success rate of attacks on endpoints translates to huge numbers of compromised systems.

This situation is not lost on today's cybercriminals, who are using automated means to bypass legacy perimeter defenses and continually outwit any system put in place to stop them.

However, according to a new study, "The Secunia Half Year Report 2011," released on Thursday by Secunia, a Copenhagen-based provider of IT security solutions, a patching strategy can reduce vulnerability risks by as much as 80 percent.

Opportunities for attackers are increasing as the number of endpoints rises exponentially, the report says. Exacerbating the situation is the fact that endpoints are difficult to secure since they host numerous programs and plug-ins, and are engaged in countless ways by users.

The variety of patching programs can be daunting to those charged with protecting network systems. In its testing, Secunia found that to fully patch a typical endpoint, an administrator would have to be fluent in 14 different update programs. 

An organization with 1,000 programs that patches all of its Windows components misses 77.5 percent of vulnerabilities, Secunia found. That's because third-party applications are responsible for 69 percent of flaws on a typical endpoint machine.

So how can organizations protect a moving target? Not so easily, the report says. Maintaining patches for the variety of operating systems and software in a typical enterprise is a drain on operations personnel and budgets. Further, pinpointing which vulnerabilities are the most critical is an ever-moving reality as targets popular one year can lose attention the next, the report says.

What it boils down to is a strategy that achieves the greatest reduction in risk for the effort expended in security resources.

Effective remediation means identifying the "right" programs to patch, Stefan Frei, research analyst director of Secunia, told SCMagazineUS.com on Thursday.

Testing patching strategies against a bed of 200 programs by both market share and by criticality of vulnerabilities, Secunia determined that patching the most critical programs remediated 71 percent of total risk, while patching the most popular programs offset just 31 percent of the risk.

A separate report from Avast Software, released on Wednesday, echoes Secunia's findings regarding unpatched systems. In a poll of users of its anti-virus solution, Avast found that more than 60 percent of those using Adobe Reader were putting their systems at risk of malware attack by running unpatched versions of the program. Also, one out of every five users was found to be using an unpatched version of Reader that was at least two generations old.

Despite regular patch releases, Adobe's widely used PDF reader has been a popular launch vehicle for miscreant coders, who use the application to embed malware exploits and payloads to take control of an affected system.
