Wednesday 22 July 2009

Issue #8 Not Patching

Following on from my previous posts (10 & 9)

In the Microsoft world we have update Tuesday which is the second Tuesday of every month and it is when most of the patches appear on the Windows Update service. Commonly, the Wednesday after this is known as “Rollback” Wednesday because as it happens, something is invariably broken due to this. So system administrators have become wary of blindly applying patches to their servers without fully testing the implications of the patch in a staging environment. This unfortunately means that your servers may not be patched as soon as you would like them to be.

So even though you may have designed this ultra-secure system which has been put through its paces in the development and staging process, it still may be vulnerable due to some known or unknown exploit of the underlying web server or operating system.

All web servers are continuously being updated to defend against exploits that have been discovered. This issue relies on you making sure that you keep your systems up to date. Now there will be a lot of developers out there who are not in charge of the servers that they deploy to be it that the systems are deployed to a hosting provider or the internal IT structure means that there are dedicated people in charge of servers. So what is required is a solid communications channel between the developers and the admins to ensure that the underlying OS and web server are as solid as possible and thus removing this particular attack vector.

You can use Google for example to locate unpatched or unprotected servers.

No comments: