For Those Who Think Microsoft Patching is Optional
That’s the number of patches Microsoft issued for its software and services yesterday, as it does each month on the 2nd Tuesday. Yes, nearly 1000 – and all but 20 were deemed to be “important” for system security. This monthly total is nothing unusual, by the way.
So why write about the topic now? Over the last year, we’ve taken on a number of new clients whose network patching status was so out of date we frankly couldn’t believe it. This sort of maintenance is server/network management 101 but apparently it is getting skipped out there. A LOT.
Why does it matter? Consider just some of the tools and hardware these vulnerabilities apply to:
- One Drive
- SQL Server
- All Microsoft Office programs (Excel, Word, etc.)
…and the list goes on, including various types of servers and all available versions of Windows.
Okay, so what are the risks of not staying current with system patches? Well, here’s another short, sample list.
This one shows the kinds of cybersecurity threats such updates are meant to guard against:
- Information disclosure
- Denial of service
- Remote code execution
- Elevation of privilege
Again, just a short list. If you’re a business leader not deeply involved in IT, the terms above may have only vague meaning. Long story short: they pose a risk to your most valuable business asset – your data.
To be fair, staying ahead of the hackers who are constantly searching for security gaps is no easy task and Microsoft will always need to issue updates as a result. But just like wearing a seat belt during a car accident, these patches do your network no good if not installed.
Here at Cynexlink, we provide what we call “white label patching” for all of our clients, which means we test all patches before deployment. Why? Unfortunately, in rare instances these patches can cause other system issues such as workstation crashes, problems opening Outlook emails and more.
Thus, we occasionally have to hold back 1 or 2 patches from deployment, trusting the other layers of cybersecurity we provide to keep our client networks safe. That said, leaving all 884 security doors open is not an option.
If you’re uncertain of your network’s patch status, use the form below to discover how we can help.
During February, we will provide a free patch status health report on any prospective client network. Take us up on this offer anytime this month and be certain that the most basic cybersecurity protection is regularly being applied to protect your business.