7MS #3: Patch Strategies: Part 1 (audio)

In this episode I talk about some trends (and problems) we’re seeing on the patching front – specifically OS and third-party apps.

Download: Episode 3: Patch Strategies: Part 1 (audio)

Show notes:

  • Most organizations have the Microsoft side of the house patched well – but the third party apps (Java/Flash/Reader/etc.)?  Not so much…but that’s just as important as OS patching!
  • Most orgs do not have a good game plan for reviewing, testing, approving and pushing patches – they just patch “When we can.”
  • If you’re running Tool X to get a feel for how well the environment is patched, also run a scan periodically with Tool Y to see if things are really as patched as they appear.
  • DON’T put your end-users in charge of patching their own machines, no matter how savvy they are.
  • Authenticated scans are good!  Do both authenticated and unauthenticated for the best results.