In the latest video of our Security Culture series we talk about why patching is so important.
Patching is the process of updating software. This applies to laptops, phones and servers. It even applies to services running on our servers, like web servers or database servers. It can also refer to the libraries we use to build our software systems, although this is usually referred to as updating vulnerable dependencies.
The reason patching is so important is that unpatched systems are a common and easy target for attackers. This screenshot from Metasploit indicates about 1900 prepackaged exploits for things like Apache, Tomcat, RDP, FTP, etc.
Once issues are identified in older systems, they get weaponized in what we call 'exploits' that are usually more stable generalized code that can take advantage of the issue. These can be used by individual attackers or built into worms or other malware.
The takeaway is: we need to patch our systems even though we think it is a pain. This is a foundational but surprisingly difficult thing to take care of.
We recommend:
- Turn on auto updates for everything on endpoints (laptops, phones)
- Patch at least monthly in general
- Be ready to apply a critical patch in 24-48 hours
- Track cases where you can't and resolve them
You can also listen in on our podcast.