Patch, Patch, Patch Those Vulnerabilities

Robinson+Cole Data Privacy + Security Insider
Contact

The bane of data security is the patch. The patch is what your IT guys are doing in the background to fix vulnerabilities in software that are known to the manufacturers, and to attempt to fix the vulnerability before hackers can exploit it.

Patching is a very important part of a security plan, but the number of patches that must be implemented by your security team has increased dramatically and sometimes the patching schedule can be challenging. Not staying on top of patching vulnerabilities can result in a catastrophic data breach like one that occurred this year.

When a manufacturer issues an emergency patch, it is wise to heed the warning and patch the vulnerability. Today, Microsoft issued an emergency patch for a security vulnerability in its Internet Explorer web browser that is being used by attackers to break into Windows computers.

The weakness was reported to Microsoft from Google, which advised that the new vulnerability was being used in targeted attacks, and the attacker is able to install programs, delete or change data or create new accounts when a user visits a booby-trapped website.

The word from Microsoft is “users are urged to update their systems as soon as possible to reduce the risk of compromise.” Since it is an emergency patch, heed the advice from Microsoft.

Data security personnel struggle with the sheer number of patches that are issued by manufacturers, and users are inpatient in allowing the security personnel to disrupt access and user experience in order to patch the vulnerabilities. Users—try to understand the challenge that your colleagues are faced with and be patient. Let your data security personnel patch and plug so you can continue using the programs and assets. The alternative is far worse.

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Robinson+Cole Data Privacy + Security Insider | Attorney Advertising

Written by:

Robinson+Cole Data Privacy + Security Insider
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Robinson+Cole Data Privacy + Security Insider on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide