For hackers and cybercrooks, the twelve days of Christmas are also known as Patch Tuesday, the second Tuesday of every month when Microsoft provides the latest information on its security vulnerabilities, detailing how to take advantage of the world’s largest installed IT customer base. It’s a real headache for customers, says Ken Ross, senior product manager, Kace Networks, developers of the KBOX family of systems management and deployment appliances. According to Microsoft, the majority of these patches are being exploited within 30 days,
Patching, or applying software fixes, is a huge problem that is growing, and involves a lot more than just Microsoft, adds Kace VP of marketing Wynn White. A number of other vendors are starting to release their fixes at the same time.
The appliance vendor wants to eliminate "Patch Tuesday Wipeout" with a security solution that will make automating patching of key client applications a lot easier. Launching on Tuesday, it offers expanded security capabilities for addressing new vulnerabilities with integrated endpoint security support for Windows 7 and Mac OS 10.6, including easily automated patching of key client applications, along with additional international support.
"A lot of organizations are constantly playing catch-up to patches," says White. "Very rarely are they in a position where they have everything patched in a timely fashion." Referring to recent data, he says 20 percent of all systems become ‘un-patched’ over the course of a year (IDC) and organizations that can deploy patches to 80 percent of their PCs within 96 hours of a vulnerability announcement will experience an 80 percent reduction in PC downtime (Gartner).
The patch problems are worsening, says White. Not only is the number of patches increasing — fourfold last month — but so are the areas of vulnerability. "Vulnerabilities are moving up the stack. You have to be concerned about applications even more so because that’s where the threats are being found."
The new KBOX announcements include broadened patch coverage depth with support for Windows 7, Windows Server 2008 R2, Mac OS 10.6 and a range of Microsoft, Apple and third-party applications. "We’re putting a lot of effort into patching the supporting applications," says Ross, both on the latest operating systems as well as the older versions. Kace is also focusing around policy management. "Customers can set up dynamic groups so that the right patches are targeted at the right machines."
With its automation capabilities, administrators can now handle updates quickly and easily, says White. Critical patches are automatically released and can be applied across IT environments without the need for manual intervention, which minimizes vulnerability remediation response times and keeps systems up to date.
That’s one of Kace’s competitive advantages, speed of deployment, says White. Throw in an easy-to-use Web user interface and a full PC lifecycle approach and customers get a complete security solution. "We’re enabling organizations to maximize their security footprint in a timely manner, and doing this with an appliance that really helps from an ease-of-use perspective."
Kace will be hosting a free webinar titled, “Avoid the Patch Tuesday Wipeout: Ride the Endpoint Patching Wave,” on Tuesday, December 15th at 10:00 a.m. PT/1:00 p.m. ET. To register, go to: http://www.kace.com/resources/Avoid-Patch-Tuesday-Wipeout.