Patching Ur Computers – Actually Reduces Risk

Patch Tuesday  August ( 8/11/2015)

Here is Microsoft patch Tuesday August 2015 edition

https://technet.microsoft.com/en-us/library/security/ms15-aug.aspx

 

How can I say that unpatched computers will get hacked? Any Metasploit pentester will tell you this.

Metasploit-screenshot0715

Metasploit is a nifty program (runs on Linux) that will attack computers with various attacks and payloads. It takes advantage of people who do not patch old vulnerabilities.

But what happens if you patch all the vulnerabilities?  Then the pentester has to find other methods to attack.

 

Here is one from this month’s list that needs to be patched  – as it is a remote code execution: http://go.microsoft.com/fwlink/?LinkId=620118

Cumulative Security Update for Microsoft Edge (3084525)

Also http://go.microsoft.com/fwlink/?LinkID=620908

Security Update for Internet Explorer (3088903)

Before patching any system make sure that you perform a backup at some point(in case the patch goes bad).

Remember that a patch is patching a vulnerability that has been out for months now. (it takes months sometimes to create a fix).

Now you know why you should install patches.

vulnerability-attacktimeline

 

Sooner the better, as an attack is already being devised and being implemented now.

I have discussed a certain aspect of patching computers before: http://oversitesentry.com/are-we-falling-behind-on-patching-computers/

 

The primary question still stands: Can we patch vulnerabilities faster than attackers can exploit them?

And don’t forget to patch all software, there is a good list of patches this month: http://blog.securityrecruiter.com/2015/08/cyber-security-vulnerability-and-patch_16.html  for the following software(Microsoft)

Adobe Flash Player, Apple iOS, Apple iTunes, Apple OS X, Apple Safari, Dropbox, Google Chrome, KeePass,LastPass, Lenovo Service Engine BIOS, Mozilla Firefox, Skype

 

Contact Us for discussion or help

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.