CHAPTER 40

MANAGING SOFTWARE PATCHES AND VULNERABILITIES

Peter Mell and Karen Kent

40.1 INTRODUCTION

40.2 MOTIVATION FOR USING AUTOMATED PATCHING SOLUTIONS

40.3 PATCH AND VULNERABILITY MANAGEMENT PROCESS

40.3.1 Recommended Process

40.3.2 Creating a System Inventory

40.3.3 Monitoring for Vulnerabilities, Remediations, and Threats

40.3.4 Prioritizing Vulnerability Remediation

40.3.5 Creating an Organization-Specific Remediation Database

40.3.6 Testing Remediations

40.3.7 Deploying Vulnerability Remediations

40.3.8 Distributing Vulnerability and Remediation Information to Administrators

40.3.9 Verifying Remediation

40.3.10 Vulnerability Remediation Training

40.4 PATCH AND VULNERABILITY MANAGEMENT ISSUES

40.4.1 Enterprise Patching Solutions

40.4.2 Reducing the Need to Patch through Smart Purchasing

40.4.3 Using Standardized Configurations

40.4.4 Patching after a Security Compromise

40.5 CONCLUSION AND SUMMARY OF MAJOR RECOMMENDATIONS

40.6 FURTHER READING

40.7 NOTES

40.1 INTRODUCTION.

Vulnerabilities are flaws that can be exploited by a malicious entity to gain greater access or privileges than it is authorized to have on a computer system. Patches are additional pieces of code developed to address problems (commonly called “bugs”) in software. Patches enable additional functionality, or they address security flaws such as vulnerabilities within a program. Not all vulnerabilities have related patches, especially when new vulnerabilities are first announced, so system administrators ...