Historical patch process window

The windows of time between patch releases and attack windows are shortening. Track the history in this excerpt from Chapter 1 of of "The complete patch management book."

The complete patch management book Get a glimpse inside the e-book "The complete patch management book" by Anne Stanton, president of Norwich Group, and Susan Bradley, Microsoft Small Business Server MVP. This series of book excerpts will help you navigate Chapter 1, "What is patch management?," courtesy of Ecora. Click for the complete book excerpt series.


Historical patch process window

Until recently, an administrator could be somewhat lax in applying patches. According to Forrester Research, the average time between the release of a patch and the attack of a worm was 305 days in March 2003. However, that window of opportunity has been shortening.

Common Name Attack Date Patch Issued Advance Notice Impact of Attack
SQL Slammer 1/25/03 7/24/02 185 days Infections doubled every 8.5 seconds
Bugbear 9/30/02 5/16/01 502 days More than 2 million infected computers
Frethem 7/17/02 5/16/01 427 days 12 variants in the first two months of activity
Yaha 6/22/02 5/16/01 402 days Intercepted in one of every 268 emails at peak
Elkern 4/17/02 5/16/01 336 days Detected in more than 40 different countries
Klez 4/17/02 5/16/01 336 days $9 billion worldwide productivity loss
Badtrans 11/24/01 5/16/01 192 days Message Labs has seen 458,359 instances
Nimda 9/18/01 10/17/00 336 days Spread worldwide in 30 minutes
Code Red 7/19/01 6/18/01 31 days Infection doubled every 37 minutes

As the table shows, in March 2003, administrators had many opportunities to test patches and even wait until a Service Pack before deploying. However, this window has been shortening in to include instances where patches were not available. More recently, the time between the patch and the worm for an exploit commonly known as MSBlaster was 16 days. In June 2004, Microsoft's Internet Explorer browser suffered several security issues left unpatched by Microsoft for many weeks. Therefore, while stressing patch application as the best security prevention, we include remediation techniques as well in this patch management process.

Footnote: Koetzle, Laura, Ted Schadler, Charles Rutstein and Robert Whiteley, Can Microsoft be secure? Cambridge, MA: Forrester Research, March 2003.

Click for the next excerpt in this series: Finding out about patches


Click for book details or get more information from Ecora.

Dig deeper on Patches, alerts and critical updates

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close