Solved

Non MS patches

Posted on 2011-03-16
3
344 Views
Last Modified: 2012-05-11
Is there a list of common apps/software on both microsoft windows servers (most important) and workstations (possibly less important) that wont be patched by WSUS, and some insight into the threat not patching such apps/software poses to any sensitive data held on these servers, when they are internal only. Plus, any free tools that can be used to determine missing patches for these non ms products. What server products will WSUS patch and what wont it?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 3

Author Comment

by:pma111
ID: 35149198
Plus if anyone has a custom risk assessment tool for missing patches, along with a list of risk factors to consider when quantifying just how crucial the missing patch for x software on x server actually poses to the business. I suspect this includes stuff like server location, internal only, in dmz, or data held on server, confidentiality levels etc. If such a risk assessment for CVE vulberabilities exists, that can be used to determine the real risk to the business I would love to see a copy.
0
 
LVL 12

Accepted Solution

by:
antony_kibble<!-8D58D5C365651885FB5A77A120C8C8C6--> earned 125 total points
ID: 35149379
Basically anything that isn't developed by Microsoft will not be patched, natively, by WSUS. However third party applications are able to package up non MS applications and publish them to the WSUS server so that they can be deployed by it as if they were a Microsoft patch.

Anything developed by Microsoft will be patched if it hasn't gone end of life or out of support.

For third party applications
You are looking at

All Adobe products, Reader , shockwave and flash
Quicktime
Java
Firefox
Winzip
iTunes
etc

Threats and risk can really only be done by yourself as you are knowledgeable about your own environment. We don't allow internet browsing from any of our Servers, so when it comes to patching IE cumulative updates servers come lower down the risk register than workstations. Your perimeter will also help in deciding what mitigations you have. Using Firewalls, WebSense etc will all, if updated daily or more often, help block access to and from malware sites or other malicious items.

You also need to look at how prevalent a certain application or vulnerability is within your domain, that will also help decide how critical it is to close, or if the risk is low, can be left until a more suitable time.
0
 
LVL 3

Author Comment

by:pma111
ID: 35149499
That  was to be my next question, if the admin isnt browsing the net from a server with an upatched version of adobe, or opening email on the server, which has an unpatched version of adobe, how can that unpatched version of adobe be exploted?

I know of tools like "metasploit" but for something like adobe reader how does a tool go about attacking that exploit and what kind of access will/can the exploit give them on the target server, I would have thought somehow the user would need to be tricked into opening a malcious PDF, but I may be wrong. Say someone unauthorised had gained access to our network/domain, how would they target unpatched vulns in these non MS products on target servers to gain access, can you provide some examples/scenarios, or is it fairly unlikely? I.e. unpatched version of adobe on a windows 2003 server that the attacker wants to attack to gain access to the files on that server - whats the likelehood, next to nothing?
0

Featured Post

Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question