Get a glimpse inside the e-book "The complete patch management book" by Anne Stanton, president of Norwich Group, and Susan Bradley, Microsoft Small Business Server MVP. This series of book excerpts will help you navigate Chapter 1, "What is patch management?," courtesy of Ecora. Click for the complete book excerpt series.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Historical patch process window
Until recently, an administrator could be somewhat lax in applying patches. According to Forrester Research, the average time between the release of a patch and the attack of a worm was 305 days in March 2003. However, that window of opportunity has been shortening.
|Common Name||Attack Date||Patch Issued||Advance Notice||Impact of Attack|
|SQL Slammer||1/25/03||7/24/02||185 days||Infections doubled every 8.5 seconds|
|Bugbear||9/30/02||5/16/01||502 days||More than 2 million infected computers|
|Frethem||7/17/02||5/16/01||427 days||12 variants in the first two months of activity|
|Yaha||6/22/02||5/16/01||402 days||Intercepted in one of every 268 emails at peak|
|Elkern||4/17/02||5/16/01||336 days||Detected in more than 40 different countries|
|Klez||4/17/02||5/16/01||336 days||$9 billion worldwide productivity loss|
|Badtrans||11/24/01||5/16/01||192 days||Message Labs has seen 458,359 instances|
|Nimda||9/18/01||10/17/00||336 days||Spread worldwide in 30 minutes|
|Code Red||7/19/01||6/18/01||31 days||Infection doubled every 37 minutes|
As the table shows, in March 2003, administrators had many opportunities to test patches and even wait until a Service Pack before deploying. However, this window has been shortening in to include instances where patches were not available. More recently, the time between the patch and the worm for an exploit commonly known as MSBlaster was 16 days. In June 2004, Microsoft's Internet Explorer browser suffered several security issues left unpatched by Microsoft for many weeks. Therefore, while stressing patch application as the best security prevention, we include remediation techniques as well in this patch management process.
Footnote: Koetzle, Laura, Ted Schadler, Charles Rutstein and Robert Whiteley, Can Microsoft be secure? Cambridge, MA: Forrester Research, March 2003.
Click for the next excerpt in this series: Finding out about patches
Click for book details or get more information from Ecora.