Vulnerability Patch Testing

Is testing patches really worth it?

Usually, when patches are released, IT departments should take the patches and run their test procedures to determine any business impact from implementing them. This can include preventing that important application in marketing from working, but mostly the crayons are still OK. After this has happened within the separate Test Environment, the Change Control Procedure is conducted before the new patch is deployed into the organisation's live environment.

Now in one or two organisations this process may be slightly less rigorous than in others. This process takes time and resources. A risk assessment should have been undertaken to determine the likelihood and impact of the vulnerability being exploited for that organisation. It could take a week or more to conduct this process effectively.

So we then ask: ‘How long does it take from the patch for a vulnerability being released to the first attacks exploiting that vulnerability being available?’ …

This used to be a time frame in keeping with the above effective process of testing and change control; recently, though, it appears that the game has moved on. It has been shown that attacks are often available 4 days after Patch Tuesday and in some cases even faster.

The combination of less than perfect ‘test environments and procedures’ and short timescales to attacks being available has led several large organisations to consider deploying patches as soon as they are released to protect their systems. This view is assisted by ever-expanding mechanisms for application and system delivery, including thin client, centralised virtual desktops and application virtualisation. By providing the capacity to ‘roll back’ to a known state swiftly and effectively, these mechanisms are making it possible for organisations to reduce the risk of patching early and gain the benefits.

~ by Simon Hancock on February 5, 2008.
