Why do we patch? |
 |
By Anne Stanton and Susan Bradley
22 Dec 2004 | Ecora |
|
|
 Get a glimpse inside the e-book "The complete patch management book" by Anne Stanton, president of Norwich Group, and Susan Bradley, Microsoft Small Business Server MVP. This series of book excerpts will help you navigate Chapter 1, "What is patch management?," courtesy of Ecora. Click for the complete book excerpt series.
Why do we patch?
It is obvious that we patch because software is not processing commands correctly. This mis-processing could range from elevation of privilege to information disclosure. Threat modeling, a text that explores what an adversary might attain by exploiting a flaw defines the following threat categories:
- Spoofing identity
- Tampering with data (also called integrity threats)
- Repudiation
- Information disclosure
- Denial of service
- Elevation of privilege
Patch management ensures that correct code replaces incorrect code. However, it is not the only way to reduce risk. The patch management process also includes mitigation techniques that are not actual patches but include additional procedures to protect networks if the patch is not available, or if admins cannot apply it to a network, or if there are other reasons that preclude applying the patch.
Footnote: Swiderski, Frank and Window Snyder "Threat modeling," Redmond, WA: Microsoft Press 2004.
Click for the next excerpt in this series: What is included in a Microsoft patch?
Click for book details or get more information from Ecora.
|
|
|
|
