July Patch Day Round-Up

Oracle has released their quarterly Critical Patch Update.  There is a long list of products with updates coming and at the top of that list from a severity standpoint is Java.  With a CVSS base score of 10.0 on some of the vulnerabilities, the 20 new security fixes for Java SE are definitely in need of some immediate attention.  All 20 of the vulnerabilities in Java could be remotely exploited without authentication.  This means exploitable over a network without the need for a username and password.

Oracle Database Server may only have 5 vulnerabilities being resolved, but one or more of those have a CVSS base score of 9.0.  Several other products like Fusion, Virtualization, and Retail Applications have CVSS base scores of 7.5 and the rest start to fall steadily from there, but one fairly common theme is that the vulnerabilities are remotely exploitable without the need for authentication.  Companies running a lot of Oracle software should take some time on Tuesday and review what solutions they have and where they are to see if immediate action is necessary.  Again, for Java, the urgency is going to be far greater.  If you don’t have a breaking dependency on a specific version, it would be a good idea to roll out the update ASAP.

With Oracle’s CPU today, Java should be added to the top of the priorities list this month.  Three updates in particular should be considered a top priority as you are conducting your monthly maintenance: Flash Player, the IE Cumulative Update, and Oracle Java.  The July Patch Tuesday update to IE, which resolves 23 memory corruption vulnerabilities, one of which was publicly disclosed, appears to be a continuation of the very large IE Cumulative Update from June, which had over 50 fixes to memory corruption vulnerabilities.  The Adobe Flash Player update resolves three vulnerabilities that allow an attacker to bypass security features.  Adobe Flash has had a critical release every month in 2014, and on Patch Tuesday for six of seven months.  It is looking to be a permanent fixture for IT admins to prioritize each month.  If you haven’t been keeping it up to date, there is ample cause to do so.

July Patch Tuesday Advanced Notification

Microsoft has announced this month’s Patch Tuesday release.  It looks pretty clean at first glance: IE with a lot of OS patches and likely nothing all that complex.  The one thing to watch for will be the possibility of more dependencies.  For those running Windows 8.1 or Server 2012 R2, make sure you are prioritizing Update 1 to be rolled out.  Next month is the cutoff, after Microsoft extended the Update 1 requirement for continued patch support on those platforms.  There are 6 total patches expected to be released on Tuesday, July 8th.  Here is the breakdown for this month:

 

Security Bulletins:

  • 2 bulletins are rated as Critical.
  • 3 bulletins are rated as Important.
  • 1 bulletin is rated as Moderate.

Vulnerability Impact:

  • 2 bulletins address vulnerabilities that could allow Remote Code Execution.
  • 3 bulletins address vulnerabilities that could allow Elevation of Privileges.
  • 1 bulletin addresses a vulnerability that could lead to Denial of Service.

Affected Products:

  • All supported Windows operating systems
  • All supported Internet Explorer versions

Join us as we review the Microsoft and third-party releases for June Patch Tuesday in our next monthly Patch Tuesday webcast, which is scheduled for Wednesday, July 9th at 11 a.m. CDT.  We will also discuss other product and patch releases since the May Patch Tuesday.

You can register for the Patch Tuesday webinar here.

Welcome to the World of Shavlik Product Documentation

Joe Andert

Hi everyone, and welcome to my corner of the world at Shavlik. For those who don’t know me, I am a technical communicator at Shavlik and I’ve been providing documentation for Shavlik products for more years than I care to admit. I’ve been with the company for all these years because the people and the products are simply the best!

When I was offered the opportunity to write a series of blog articles, I jumped at the chance. I am not in marketing so I won’t be writing flowery prose about our products. Rather, I would like to use this forum to provide some real meat and potatoes material, information you can use right now to improve the way you use our wonderful products. Sort of like those “The More You Know” public service announcements you see on TV.

What We Learned from Microsoft System Center Configuration Manager Users

I’ve worked in the systems management arena for some time now.  Working with disgruntled Microsoft System Center Configuration Manager (SCCM) customers for most of my career, we had some assumptions going into this research.  Fortunately, the data proved us wrong.  After doing a survey of 150 IT professionals, we found some surprising (or maybe not surprising to you) findings about ConfigMgr.

1)    Configuration Manager customers actually like Configuration Manager.  Weird.  We were under the impression that many people picked SCCM because of politics or it was included in their Enterprise Agreement.  This is not the case.  In Shavlik’s study 72% of SCCM customers chose SCCM because it was the best fit.

2)    SCCM customers would like Configuration Manager to be the central hub of IT activity.  But surprisingly, 27% of SCCM customers currently use add-ins to solve problems not solved by Microsoft.  This means that either they are unaware of some of the gaps or they are solving these problems by using additional tools not integrated in SCCM.

3)    Third-party patch management was reported surprisingly high as a missing feature of SCCM – 38% of respondents selected third-party patching as a high priority. This is a great case for Shavlik Patch for Microsoft System Center, an add-in solution that takes care of the third-party patching problem.  Even though Microsoft is the master of OS patching, they fall short on third-party patching and tend to leave these “treadmill”-type activities to the other vendors.

Respondents’ expectations for a Microsoft System Center Configuration Manager add-in

4)    SCCM admins don’t want additional crap in their infrastructure.  Setting up SCCM was difficult enough.  Adding more databases, interfaces, and potentially servers and infrastructure does not constitute an “add-in” product.  Add-ins should use the native functionality of SCCM with either no additional components or light additional components that leverage the existing infrastructure and software.

If you are an SCCM admin or have experience with SCCM in your IT career, please respond to this Blog and tell me what you like/dislike about SCCM.

Protecting my Mom – Part 3 – How Easy is it to Get Hacked?

Keeping our moms safe can be a daunting task.

In our first installment of “Protecting my Mom” we discussed some phone phishing attacks that I was targeted for. This was followed by our second part, where I found myself being attacked over a Wi-Fi network that was set up for the express purpose of compromising machines that roamed onto it. In this final installment, we take on the role of an attacker and are reminded of how easy it is to be hacked.

My challenge to myself was simple: how fast could I target a machine and compromise it using off-the-shelf tools? My goal: 5 minutes from start to finish. How much time did I need? The stopwatch showed a mere 2 minutes and 13 seconds. Scared yet? After doing that, I was. After being the target of a hack twice in the span of less than a week, I decided to go from being the “prey” to being the “hunter.” How hard is it to be hacked? And if I was hacked, how long does it take me to start grabbing data that I could use? Don’t worry, I’m doing this as a bit of a test and I’m using my own virtual machines, so I’m not turning my abilities on any other person; it’s more of a challenge to see how hard it is.

Did you know … ?

Did you know?

Here it is my turn to contribute to the Shavlik blog, and I am stricken with “bloggers’ block.” As I try to think of insightful things to say, (those who know me know I rarely say insightful things), nothing comes to mind but questions.

So in the spirit of acceptance of things that can’t be changed, let’s just go with the questions gig.

Did you know…?

  • Shavlik is hosting two webinars this week. “Getting Started with Shavlik Patch” will help new or trial users of Shavlik Patch get up and running and optimize their third-party patching process within SCCM. “Simplified Third-Party Patching for Microsoft System Center” will explain how Shavlik can help you select and deploy third-party patches all from within SCCM.
    Getting Started with Shavlik Patch
    Wednesday, June 18, 2014 10:00am CDT

Protecting my Mom – Part 2 – Wi-Fi in the Wild

In the first installment of “Protecting my Mom,” we discussed some phone phishing attacks that I was targeted for. It was a truly believable attack that would have been successful if it had targeted someone who wasn’t so computer-savvy. In this second part, we discuss a real-life attack that occurred to me at the Minneapolis/St. Paul airport while I was preparing for a flight.

We’ve all been there, right?  With all the technology we have grown accustomed to in life, some have theorized, either jokingly or seriously, that Maslow’s hierarchy of needs should be reviewed to include a layer below Physiological needs (“Breathing, Water, Sleep…”) called “Connectivity,” which includes Wi-Fi, Ethernet, Web Browser and a terminal of some sort. In those desperate times where you are away from your home, or in a public place, you scour for available Wi-Fi.  Through my years, I’ve connected to countless networks… in fact, I just looked at my list of Wi-Fi networks that I’ve connected to and it’s well over 40.

Message to CEOs – You are now responsible for data security

CEOs: Get your IT house in order

It seems that the Target disaster gets even worse.  In the wake of Target losing their 35-year veteran CEO, the message is clear to CEOs: “You are now responsible for the security of your data!”

In the past companies have simply blamed IT for not having good security practices in place.  If credit card or personal data left the company due to hackers, an IT director or even the CIO would be blamed.  Many companies would shrug their shoulders, scold their IT department, and try to handle the bad press.   It was a disturbing trend.

Shavlik Protect 9.1 Launch in Europe

I spent the last two weeks visiting some of our customers and partners in Europe.  With the launch of Protect 9.1 and the introduction of the localized version of the product we had a lot to talk about.  The first week I traveled to Geneva, Munich, Turin, and Paris and we introduced Protect 9.1 to partners in each country.   The localization feature will definitely be welcomed by current customers and will open up new conversations for German, French, and Italian companies who require a localized product before they will consider purchase.  Altogether, a very good week with a lot of positive feedback regarding Protect.