Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 359
  • Last Modified:

Non MS patches

Is there a list of common apps/software on both microsoft windows servers (most important) and workstations (possibly less important) that wont be patched by WSUS, and some insight into the threat not patching such apps/software poses to any sensitive data held on these servers, when they are internal only. Plus, any free tools that can be used to determine missing patches for these non ms products. What server products will WSUS patch and what wont it?
0
pma111
Asked:
pma111
  • 2
1 Solution
 
pma111Author Commented:
Plus if anyone has a custom risk assessment tool for missing patches, along with a list of risk factors to consider when quantifying just how crucial the missing patch for x software on x server actually poses to the business. I suspect this includes stuff like server location, internal only, in dmz, or data held on server, confidentiality levels etc. If such a risk assessment for CVE vulberabilities exists, that can be used to determine the real risk to the business I would love to see a copy.
0
 
antony_kibble<!-8D58D5C365651885FB5A77A120C8C8C6-->Commented:
Basically anything that isn't developed by Microsoft will not be patched, natively, by WSUS. However third party applications are able to package up non MS applications and publish them to the WSUS server so that they can be deployed by it as if they were a Microsoft patch.

Anything developed by Microsoft will be patched if it hasn't gone end of life or out of support.

For third party applications
You are looking at

All Adobe products, Reader , shockwave and flash
Quicktime
Java
Firefox
Winzip
iTunes
etc

Threats and risk can really only be done by yourself as you are knowledgeable about your own environment. We don't allow internet browsing from any of our Servers, so when it comes to patching IE cumulative updates servers come lower down the risk register than workstations. Your perimeter will also help in deciding what mitigations you have. Using Firewalls, WebSense etc will all, if updated daily or more often, help block access to and from malware sites or other malicious items.

You also need to look at how prevalent a certain application or vulnerability is within your domain, that will also help decide how critical it is to close, or if the risk is low, can be left until a more suitable time.
0
 
pma111Author Commented:
That  was to be my next question, if the admin isnt browsing the net from a server with an upatched version of adobe, or opening email on the server, which has an unpatched version of adobe, how can that unpatched version of adobe be exploted?

I know of tools like "metasploit" but for something like adobe reader how does a tool go about attacking that exploit and what kind of access will/can the exploit give them on the target server, I would have thought somehow the user would need to be tricked into opening a malcious PDF, but I may be wrong. Say someone unauthorised had gained access to our network/domain, how would they target unpatched vulns in these non MS products on target servers to gain access, can you provide some examples/scenarios, or is it fairly unlikely? I.e. unpatched version of adobe on a windows 2003 server that the attacker wants to attack to gain access to the files on that server - whats the likelehood, next to nothing?
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now