John Pescatore

A member of the Gartner Blog Network

John Pescatore
VP Distinguished Analyst
11 years at Gartner
32 years IT industry

John Pescatore is a vice president and research fellow in Gartner Research. Mr. Pescatore has 32 years of experience in computer, network and information security. Prior to joining Gartner, Mr. Pescatore was senior consultant for Entrust Technologies and Trusted Information Systems… Read Full Bio

Coverage Areas:

Out of Cycle Vulnerability Monday: Play It Safe, Push Patch

by John Pescatore  |  August 2, 2010  |  Submit a Comment

On Friday, Microsoft gave notice of an out of cycle patch coming for the Windows shortcut flaw that has been exploited in the wild.  Since August’s Windows Vulnerability Tuesday is just 8 days away, enterprises face a decision: push this out of cycle patch out now and then push more Windows patches next week, or just wait until next week for one patch push.

There are a number of factors that go into that decision:

  1. How automated is your patch pushing?
  2. Are your Windows machines well shielded?
  3. Are the active, effective attacks out?
  4. Is the patch likely to cause business disruption?

The answers to the first two questions are enterprise-specific. A definite “yes” to the third question.

The fourth question is generally the trickiest. First off, this patch does require a reset, so that always causes some level of business disruption and general user crankiness. However, for the past several years most Windows desktop patches have caused minimal, if any, impact to any applications. Beyond requiring a reset, the likelihood of “self inflicted wounds” is generally low – but exists.

It is sort of like AV signature/DAT file updates – most businesses just push them out as soon as they come in and do little or no QA testing. The vast majority of times that works out OK, but once every few years every AV vendor has a horror story about updates crashing customer machines. But that is generally less than .5% of the time, and Windows PC patches are running about  the same.

I think in the future it will be more important to patch rapidly, using this out of cycle patch for a critical Windows flaw that has active attacks against it will be a good reason to establish a precedent and start updating your processes to be more able to do “continuous” patching in the future.

Submit a Comment »

Category: Uncategorized     Tags:

0 responses so far ↓

  • There are no comments yet...Kick things off by filling out the form below.

Leave a Comment