On the second Tuesday of each month, Microsoft releases security updates (or “bulletins”) for all of its products, many of which are critical for maintaining the security and reliability of your computers that run on a Windows operating system. Today, Microsoft will patch a record 64 vulnerabilities in its software. These vulnerabilities will be addressed across 17 updates, 9 of which are rated “critical”. This “critical” rating is the highest in a four-tier rating system that indicates malicious code (virus, worm, etc.) requires no user interaction to spread across an unpatched network.
Let’s look at how these updates and vulnerabilities affect your business, and what you can do about it:
Why You Should Patch
A vulnerability is a software flaw that could be exploited in order to maliciously affect or control your computer. Vulnerabilities are constantly being discovered, exposed, and patched in order to keep Microsoft operating systems and software secure. Patching is one very important component of overall network security, one which is complemented but not replaced by running an up-to-date antivirus program. A vulnerable system could lead to a compromised network, stolen confidential data, or an infected network that keeps your employees from being productive.
Why You May Not Be Patching
So why would anyone choose not to patch? Usually, it isn’t a conscious decision: Although Microsoft does have automatic update mechanisms in place, they are often disabled, ignored, or otherwise disregarded. In fact, we recently conducted an internal survey of clients who did not utilize a formal patch management system and found that over 90% were missing at least one critical update! We also find an overwhelming percentage of users who inadvertently disable updates without realizing it. Another common cause for an out-of-date system stems from the fact that a large number of patches require a reboot in order to be applied, and many future patches can’t be installed until this happens. For businesses who run a 24/7 server and never worry about rebooting, it is almost a guarantee that you have major vulnerabilities on that system.
What You Can Do About It
All of our clients who utilize IT/365 for Remote Monitoring (It’s FREE!) are eligible to upgrade to our Patch Management program. Utilizing update servers that are managed by InfoTECH technicians, we control Microsoft patches to ensure your systems stay up to date. Our team can see a point-in-time snapshot of your patch status and instantly deploy new updates to your network with zero user intervention. If your machines need to be rebooted in order for patches to take effect, we will coordinate with you to avoid interruption to your business. Alternatively, if you’d like to manually maintain the updates for your network, you can follow these directions for setting up automatic updates on each computer: http://support.microsoft.com/kb/306525.