The five Ps of patch management Is there a simple way for businesses to develop and deploy an advanced security patch management strategy?

摘要

Security and vulnerability patching has become one of the top concerns for IT managers, but has also left many IT teams fighting a losing battle as the job of patching competes with day-to-day system maintenance and security tasks. The patching issue became a more prominent problem for businesses worldwide in 2003 when the Slammer worm was unleashed on the Internet. In the first minute after it started spreading, Slammer doubled the number of web servers it infected every 8s. Within 10 min, 90% of all vulnerable machines had been infected — leaving businesses with a £500 million bill to fix the havoc Slammer created. Yet the patch to fix the vulnerability that Slammer exploited had been available for six months. If the majority of those infected had patched their systems, Slammer would have been a minor blip.