|
|
|
|
|
|
|
|
|
|
Patch Management Zone
How do you lock down security while minimizing downtime and risk to your business?
The Patch Management Zone provides practical knowledge to SUM users while supporting organizational policies, processes and best practices.
Latest News
Microsoft Security Bulletin Release for June
On June 08, 2010, Microsoft issued 10 new security updates fixing vulnerabilities in Internet Explorer, Media Components, Net Framework, Office, and Windows. Three of the updates are rated by Microsoft as critical, meaning that these bugs could be exploited by attackers running unauthorized software on a system without user action. These critical updates should be accelerated through testing to ensure they do not cause additional problems. The remaining are rated Important, meaning a vulnerability whose exploitation could result in compromise of the confidentiality, integrity, or availability of users data, or of the integrity or availability of processing resources.
The definition of the ratings by Microsoft can be found here.
 Read the full security bulletin from Microsoft
Best Practices
A patch management program sustains operational efficiency, shores up security vulnerabilities, and maintains the stability of your enterprise. It starts with having sound, repeatable processes that ensure your systems are properly configured and continuously compliant.
Failure to institutionalize these processes across your enterprise leaves your organization open to exploits that will not only cost you lost revenue, but possibly lost intellectual property too.
Be sure to consider some of the following items when you look at the real cost of poor patch management:
- Downtime - not only in terms of lost productivity, but lost opportunity as well
- Remediation time - resources required for patch assessment, delivery and verification
- Data recovery - not only how long it will take, but the process to determine data integrity
- Lost credibility - with your employees, your boss, and most important, your customers
- Legal implications - new regulatory mandates now require public disclosure when customer information is exposed
- Stolen data - the cost of losing confidential company information could be phenomenal
Patch Tuesday Release Cycle Metrics
CURRENT PROGRESS INDICATOR – Finished
| Release Period |
# of Bulletins |
Time to Completion |
| June 2010 |
10 |
29 hours |
| May 2010 |
2 |
29 hours |
| April 2010 |
11 |
24 hours |
| March 2010 |
2 |
6 hours |
| February 2010 |
13 |
20 hours |
| MS10-002 Out of Band |
1 |
5 hours |
| January 2010 |
1 |
5 hours |
| December 2009 |
6 |
20 hours |
| November 2009 |
6 |
9 hours |
| October 2009 |
13 |
28 hours |
| September 2009 |
5 |
13 hours |
| August 2009 |
11 |
35 hours |
| July 28 2009 |
2 |
36 hours |
| July 2009 |
6 |
11 hours |
| June 2009 |
10 |
15 hours |
| May 2009 |
1 |
7 hours |
| April 2009 |
8 |
16 hours |
| March 2009 |
5 |
10 hours |
| Security Advisory KB967940 |
1 |
19 hours |
| February 2009 |
5 |
10 hours |
| January 2009 |
1 |
5 hours |
| MS08-078 Out of Band release |
1 |
6 hours |
| December 2008 |
8 |
26 hours |
| November 2008 |
3 |
12 hours |
| MS08-067 Out of Band release |
1 |
5 hours |
| October 2008 |
12 |
24 hours |
Patch Tuesday News
Content of Patch Tuesday News is available to registered users only. If you do not see the Current Progress Indicator and Patch Tuesday Cycle Metrics below, please log in or register using the links in the upper right corner of this page.
|
|
|
|
|
|