Solved

Non MS patches

Posted on 2011-03-16
3
338 Views
Last Modified: 2012-05-11
Is there a list of common apps/software on both microsoft windows servers (most important) and workstations (possibly less important) that wont be patched by WSUS, and some insight into the threat not patching such apps/software poses to any sensitive data held on these servers, when they are internal only. Plus, any free tools that can be used to determine missing patches for these non ms products. What server products will WSUS patch and what wont it?
0
Comment
Question by:pma111
  • 2
3 Comments
 
LVL 3

Author Comment

by:pma111
ID: 35149198
Plus if anyone has a custom risk assessment tool for missing patches, along with a list of risk factors to consider when quantifying just how crucial the missing patch for x software on x server actually poses to the business. I suspect this includes stuff like server location, internal only, in dmz, or data held on server, confidentiality levels etc. If such a risk assessment for CVE vulberabilities exists, that can be used to determine the real risk to the business I would love to see a copy.
0
 
LVL 12

Accepted Solution

by:
antony_kibble<!-8D58D5C365651885FB5A77A120C8C8C6--> earned 125 total points
ID: 35149379
Basically anything that isn't developed by Microsoft will not be patched, natively, by WSUS. However third party applications are able to package up non MS applications and publish them to the WSUS server so that they can be deployed by it as if they were a Microsoft patch.

Anything developed by Microsoft will be patched if it hasn't gone end of life or out of support.

For third party applications
You are looking at

All Adobe products, Reader , shockwave and flash
Quicktime
Java
Firefox
Winzip
iTunes
etc

Threats and risk can really only be done by yourself as you are knowledgeable about your own environment. We don't allow internet browsing from any of our Servers, so when it comes to patching IE cumulative updates servers come lower down the risk register than workstations. Your perimeter will also help in deciding what mitigations you have. Using Firewalls, WebSense etc will all, if updated daily or more often, help block access to and from malware sites or other malicious items.

You also need to look at how prevalent a certain application or vulnerability is within your domain, that will also help decide how critical it is to close, or if the risk is low, can be left until a more suitable time.
0
 
LVL 3

Author Comment

by:pma111
ID: 35149499
That  was to be my next question, if the admin isnt browsing the net from a server with an upatched version of adobe, or opening email on the server, which has an unpatched version of adobe, how can that unpatched version of adobe be exploted?

I know of tools like "metasploit" but for something like adobe reader how does a tool go about attacking that exploit and what kind of access will/can the exploit give them on the target server, I would have thought somehow the user would need to be tricked into opening a malcious PDF, but I may be wrong. Say someone unauthorised had gained access to our network/domain, how would they target unpatched vulns in these non MS products on target servers to gain access, can you provide some examples/scenarios, or is it fairly unlikely? I.e. unpatched version of adobe on a windows 2003 server that the attacker wants to attack to gain access to the files on that server - whats the likelehood, next to nothing?
0

Featured Post

New My Cloud Pro Series - organize everything!

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Firewall Philosophy and Risks 8 124
Data Leak protection 7 80
Installation of Nessus Professional 5 80
Best motion capture software for windows 7 5 86
You may have a outside contractor who comes in once a week or seasonal to do some work in your office but you only want to give him access to the programs and files he needs and keep privet all other documents and programs, can you do this on a loca…
Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Need to grow your business through quality cloud solutions? With everything required to build a cloud platform and solution, you may feel like the distance between you and the cloud is quite long. Help is here. Spend some time learning about the Con…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now