Difference between revisions of "Un-patched"
GertieUbpgdd (Talk | contribs) |
|||
(2 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
+ | Un-[[patched]] is an adjective referring to [[operating system]]s, [[application]]s or [[firmware]] that means it has not been updated by [[programmers]] or by [[administrators]] for [[security]] threats. | ||
+ | |||
+ | Casually, patching is known as fixing vulnerabilities before they are exploited. Therefore, an unpatched system has increased risk to unauthorised access to data and to the system as a whole. Whilst there are several ways to deal with these exploited vulnerabilities, applying relevant patches is the most effective and efficient way of dealing with this problem. | ||
+ | |||
+ | The main issue with an un-[[patched]] system is that [[security]] controls are rendered useless by the use of an exploit, circumventing them. | ||
+ | |||
+ | Vulnerabilities can exist due to oversights in the coding of functions, configuration of the programs and architecture of the system or program. These same vulnerabilities can continue to exist due to a lack of patch management by the authors of the code. This patch management includes knowing all devices connected in a network and having schedules to ensure these patches are continually fixing discovered vulnerabilities. Patch management is critical due to a single vulnerability having the potential to allow unauthorised access to all devices on the network with priveleged user controls. | ||
+ | |||
+ | There are several reasons that patching can be, in the short term, unwanted. Depending on the location of the vulnerability, there can be difficulty implementing this patch. For example, merely patching a single function such as sanitising strings will be an easy patch to implement whilst a vulnerability deep within the code can have higher chances of failure and greater effect on the end user if a patch is applied unsuccessfully. | ||
+ | |||
+ | |||
+ | == Operating Systems == | ||
+ | Operating Systems are one of the greatest source of vulnerabilities due to the location of the security hole and the effort required to patch it. | ||
+ | |||
+ | For windows based operating systems, there are two main types of patches: | ||
+ | 1. An update, in which a single vulnerability is fixed or optimization occurs. In Windows 7, a main source of these patches is Windows Update. | ||
+ | 2. A batch of updates in a package, known as a Service Pack. In Windows XP, examples include Service Pack 1, 2 and 3 with Service Pack 2 offering a wide range of security patches. | ||
+ | |||
+ | For Unix based operating systems, most patches are in the form of software package updates particularly between releases of an operating system. There are periods of mass patching, found in each release of these operating systems. | ||
+ | |||
+ | - Case: | ||
+ | - Other examples: | ||
+ | |||
+ | == Applications == | ||
+ | - General overview: | ||
+ | - Case: | ||
+ | - Other examples: | ||
+ | |||
+ | == Firmware == | ||
+ | - General overview: | ||
+ | - Case: | ||
+ | - Other examples: | ||
{{expand}} | {{expand}} | ||
− |
Latest revision as of 04:03, 2 May 2012
Un-patched is an adjective referring to operating systems, applications or firmware that means it has not been updated by programmers or by administrators for security threats.
Casually, patching is known as fixing vulnerabilities before they are exploited. Therefore, an unpatched system has increased risk to unauthorised access to data and to the system as a whole. Whilst there are several ways to deal with these exploited vulnerabilities, applying relevant patches is the most effective and efficient way of dealing with this problem.
The main issue with an un-patched system is that security controls are rendered useless by the use of an exploit, circumventing them.
Vulnerabilities can exist due to oversights in the coding of functions, configuration of the programs and architecture of the system or program. These same vulnerabilities can continue to exist due to a lack of patch management by the authors of the code. This patch management includes knowing all devices connected in a network and having schedules to ensure these patches are continually fixing discovered vulnerabilities. Patch management is critical due to a single vulnerability having the potential to allow unauthorised access to all devices on the network with priveleged user controls.
There are several reasons that patching can be, in the short term, unwanted. Depending on the location of the vulnerability, there can be difficulty implementing this patch. For example, merely patching a single function such as sanitising strings will be an easy patch to implement whilst a vulnerability deep within the code can have higher chances of failure and greater effect on the end user if a patch is applied unsuccessfully.
Operating Systems
Operating Systems are one of the greatest source of vulnerabilities due to the location of the security hole and the effort required to patch it.
For windows based operating systems, there are two main types of patches: 1. An update, in which a single vulnerability is fixed or optimization occurs. In Windows 7, a main source of these patches is Windows Update. 2. A batch of updates in a package, known as a Service Pack. In Windows XP, examples include Service Pack 1, 2 and 3 with Service Pack 2 offering a wide range of security patches.
For Unix based operating systems, most patches are in the form of software package updates particularly between releases of an operating system. There are periods of mass patching, found in each release of these operating systems.
- Case: - Other examples:
Applications
- General overview: - Case: - Other examples:
Firmware
- General overview: - Case: - Other examples:
This article contains too little information, it should be expanded or updated. |
---|
Things you can do to help:
|