What You Must Know


Before using this How To, you should be aware of the following issues and considerations.

The Patch Management Process

Patch management is a circular process and must be ongoing. The unfortunate reality about software vulnerabilities is that, after you apply a patch today, a new vulnerability must be addressed tomorrow.

Develop and automate a patch management process that includes each of the following:

  • Detect. Use tools to scan your systems for missing security patches. Detection should be automated; a finding triggers the rest of the patch management process.

  • Assess. If necessary updates are not installed, determine the severity of the issue(s) addressed by the patch and the mitigating factors that may influence your decision. By weighing the severity of the issue against those mitigating factors, you can determine whether the vulnerabilities are a threat to your current environment.

  • Acquire. If the vulnerability is not addressed by the security measures already in place, download the patch for testing.

  • Test. Install the patch on a test system that mirrors your production configuration and verify that the update does not break it.

  • Deploy. Deploy the patch to production computers. Verify that your applications are not affected, and fall back to your rollback or backup restore plan if they are.

  • Maintain. Subscribe to notifications that alert you to vulnerabilities as they are reported. Begin the patch management process again.

The Role of MBSA in Patch Management

The Microsoft Baseline Security Analyzer (MBSA) is a tool that is designed for two purposes: first, to scan a computer for vulnerable configurations; and second, to detect whether the security updates released by Microsoft are installed.

In this How To, you use MBSA without scanning for vulnerable configurations. When using the graphical user interface (GUI), specify this by unchecking the other options shown in Figure 1 and choosing only Check for security updates.


Figure 1: MBSA scan options

When using the command line interface (Mbsacli.exe), you can use the following command to scan only for missing security updates.

 Mbsacli.exe /n OS+IIS+SQL+PASSWORD 

The option /n specifies the checks to skip. The selection (OS+IIS+SQL+PASSWORD) skips the Windows operating system, IIS and SQL Server configuration checks and the weak password check, so that only the security update check runs.
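As an added example that is not part of the original guide (and not Microsoft's code), the following Python script ties the Detect and Assess steps of the process described above to the Mbsacli.exe command just given: it builds that command line, reads an MBSA-style XML report, and ranks the updates flagged as missing against a list of mitigating factors recorded for the host. The report's element and attribute names (UpdateData, BulletinID, KBID, IsInstalled, Severity, Title), the numeric severity scale, and the /c domain\computer target switch are assumptions to be checked against your MBSA version's own report output and Mbsacli.exe /?; the sample report embedded in the script is constructed, not real scanner output.

```python
"""Detect and Assess steps of the patch management cycle, driven by MBSA.

Added example, not code from the original guide. Assumptions: the XML
element and attribute names (UpdateData, BulletinID, KBID, IsInstalled,
Severity, Title) are modelled on MBSA's XML reports and must be checked
against a report produced by your MBSA version; the /c domain\\computer
switch is MBSA 1.2's remote-target option (check `Mbsacli.exe /?`).
"""
import subprocess
import xml.etree.ElementTree as ET
from dataclasses import dataclass

# MBSA reports carry a numeric Severity; this mapping is an assumption.
SEVERITY_LABEL = {4: "Critical", 3: "Important", 2: "Moderate", 1: "Low", 0: "Unrated"}


@dataclass
class MissingUpdate:
    bulletin: str
    kb: str
    title: str
    severity: int


def mbsacli_command(target=None, exe="Mbsacli.exe"):
    """Build the update-only scan from the text: /n OS+IIS+SQL+PASSWORD skips
    the configuration and password checks, leaving the security update check."""
    cmd = [exe, "/n", "OS+IIS+SQL+PASSWORD"]
    if target:
        cmd += ["/c", target]  # remote target, e.g. DOMAIN\WEBSRV01 (assumption, see above)
    return cmd


def run_scan(target=None):
    """Detect step: invoke MBSA. Not executed in this example (needs MBSA installed);
    MBSA writes its XML report under %USERPROFILE%\\SecurityScans."""
    return subprocess.run(mbsacli_command(target), check=False).returncode


def parse_report(xml_text):
    """Return the security updates the report flags as not installed."""
    root = ET.fromstring(xml_text)
    missing = []
    for upd in root.iter("UpdateData"):
        if upd.get("IsInstalled", "true").lower() != "false":
            continue  # already installed: nothing to assess
        missing.append(MissingUpdate(
            bulletin=upd.get("BulletinID", ""),
            kb=upd.get("KBID", ""),
            title=(upd.findtext("Title") or "").strip(),
            severity=int(upd.get("Severity", "0")),
        ))
    return missing


def assess(missing, mitigations):
    """Assess step: weigh severity against mitigating factors.

    mitigations maps a bulletin ID to the reason the issue is already
    contained on this host (component not installed, port firewalled, ...).
    Returns (action, update) pairs, most severe first.
    """
    decisions = []
    for upd in missing:
        if upd.bulletin in mitigations:
            action = "defer: " + mitigations[upd.bulletin]
        elif upd.severity >= 3:  # Critical or Important
            action = "acquire and test now"
        else:
            action = "schedule for next maintenance window"
        decisions.append((action, upd))
    decisions.sort(key=lambda d: d[1].severity, reverse=True)
    return decisions


# Constructed sample report (not real MBSA output); the element names follow
# the assumption stated above.
SAMPLE_REPORT = """<SecScan Machine="WEBSRV01">
  <Check ID="500" Name="Windows Security Updates">
    <Detail>
      <UpdateData BulletinID="MS03-026" KBID="823980" IsInstalled="false" Severity="4">
        <Title>Buffer Overrun In RPC Interface Could Allow Code Execution</Title>
      </UpdateData>
      <UpdateData BulletinID="MS03-018" KBID="811114" IsInstalled="false" Severity="3">
        <Title>Cumulative Patch for Internet Information Service</Title>
      </UpdateData>
      <UpdateData BulletinID="MS03-007" KBID="815021" IsInstalled="true" Severity="4">
        <Title>Unchecked Buffer In Windows Component Could Cause Web Server Compromise</Title>
      </UpdateData>
    </Detail>
  </Check>
</SecScan>"""

if __name__ == "__main__":
    print(" ".join(mbsacli_command(r"DOMAIN\WEBSRV01")))
    # Mitigating factor recorded by the administrator for this host.
    for action, upd in assess(parse_report(SAMPLE_REPORT),
                              {"MS03-018": "IIS is not installed on this host"}):
        print(f"{upd.bulletin} ({SEVERITY_LABEL[upd.severity]}) -> {action}")
```

Run the script as-is to see the command line and the ranked decisions for the constructed report; on a machine with MBSA installed, call run_scan() first and feed the generated report file to parse_report(). The mitigations dictionary is where the "mitigating factors" of the Assess step live: a deferred update is still recorded in the output, so the decision stays visible when the cycle starts again.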

For more details about using MBSA, including the security configuration scan, see "How To: Use MBSA" in the How To section of this guide.

Backups and Patch Management

You should perform backups prior to deploying an update on production servers. Regularly test the backups as well as the backup process itself. Discovering during a restore that your backup process is broken can be devastating.

Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
Year: 2003
Pages: 613