System Patch Management and hacker virus snatching time

In today's busy IT networks, there are always new security viruses. Therefore, patch management has become the most basic management task. Some companies do not take any measures to protect themselves before being attacked, while others do not consider patching as much as possible.

Patch a network is divided into two steps: first, scan the machine to see what patches are missing, and second, attach the patches to your system as soon as they are released. Using the automatic patch management solution is the best way to prevent security threats before they occur. Microsoft will release security threats on the first Tuesday of every month. The automatic solution can protect itself in a timely manner. In addition, it also benefits organizations today to save network bandwidth and remote patching.

It is one of the most controversial topics for enterprises to determine when to apply patches. At an expert seminar at the Information Security decision-making conference (Information Security Decisions conference) held in Chicago, experts said that the interval between gradually decreasing vulnerability announcement and attack initiation was, it is vital to analyze the most vulnerable areas and patch them.

A typical example is that the "Code Red" virus has been infected with more than 0.25 million systems in just nine hours since its discovery. The initial red code was a Denial-of-Service attack on the white palace website server. Later, Code 2 (Code Red II) changed, and the attacker had full remote access permissions to the attacked Web server.

I always ask everyone to evaluate the patches by themselves. People often arbitrarily comment on patches. Ask yourself, do your organization need a "heavyweight" patch? You must check the threats. For example, Microsoft positions denial-of-service attacks as low-level threats, but for online banks, denial-of-service attacks are very serious.

If the network is not patched before the attack, the loss will be extremely heavy. For example, the loss of production and sales, and the cost of virus removal, the two figures must be considerable.

Patch Management may be a very time-consuming task, and you must ensure that your servers are protected. Therefore, if you have such a product, you can decide which patch is more critical than others, and you do not have to spend too much time manually patching, and you have been controlling all of this, so this product is really good.

Good tools provide a way to identify common security configuration errors, including graphical interfaces and command line interfaces. You can scan local systems or perform remote scanning.