Thursday, March 28, 2019

Patch Tuesday & Exploit Wednesday

Risk of Tuesday Patch

Level: Basic

In Computer Systems, the word “Patch” refers to a code correction in Software or Operating System. The correction is mandatory to fix a bug (the bug is a mistake in code logic or syntax) that might cause a security hole which known by Security Professionals as "Vulnerability". The person who discovers a bug could be a cracker or software programmer. However, the vulnerability might not be disclosed to the public which means the number of non-disclosure vulnerabilities is more than the number of discovered one, and there is a big business on the dark web behind on the non-published vulnerabilities.


The crackers might create an exploit to get full benefits from the discovered vulnerability, if this happened then we have a risk. The risk can be explained as this formula: 

Risk = Threat “Exploit” X Vulnerability.




Let's talk about Microsoft updates. The good news with Microsoft is that security updates are releases frequently every second Tuesday from each month. The bad news is when Microsoft releases an update, the attacker might use reverse-engineered technic in order to understand the idea/logic behind the released patch and then he/she can create and use the exploits to take over non-patch systems. This mean, the patch could become a danger if it was not rollout to machines immediately. The fancy name for this is “Patch Tuesday and Exploit Wednesday”.

Here is illustrator show this work







Complete image without animation


(1) Above is an example of a running MS-Apps and next Patch Tuesday and Exploit Wednesday. (2) Patches supposed to be released on Tuesday 9 of April 2019. (3) Organizations take from 1 to 10 days to patch all systems. (4) attacker use reverse-engineer technic to understand or get an idea about the bug. (5) Antivirus companies update their definition signature and HIPS "Host Intrusion Detection System" to protect machines... In the meantime, there is a big question on the time between (4) and (3) as the more time it takes to rollout patches it would be considered as risk on the non-patched systems, and if an incident occurs before (5) then it will be categorized as a zero-day attack. 

It is recommended to classify systems in three or more categorization here is an example: Testing, Critical, and Workstations. The patch should be tested before rollout patch to all servers. Personally, I recommend rebooting the tested server after the patch operation. System admins need to ready for any disaster in case the update makes damage to system/service. 

You can use the free tools “WSUS” for patching Management or use a commercial solution such as Lumension, Microsoft SCCM or Symantec Altiris.

let's waste attacker time and do a real change on the title to be from exploit Wednesday to Happy Wednesday ๐Ÿ˜„

Amir

2 comments:

  1. The on-line gambling market comprises income generated by remote gaming activities using the web using desktop and cell gadgets. The market includes gambling establishments creating on-line sports betting, on line casino, bingo, lotteries, and poker games, among others. /PRNewswire/ -- The Y-O-Y Growth price of 2022 for the ONLINE GAMBLING MARKET is estimated at eleven.82%. 37% of the market's growth will originate from APAC during the forecast period. Additionally, the arrival of mobiles and the demand for cell gaming are expanding the market ์นด์ง€๋…ธ ๊ฒŒ์ž„ attain and have generated new income streams for distributors.

    ReplyDelete
  2. Marine merchandise, however, depend on water-resistant electrical parts. Electronics aboard ships want special issues, such as housings to dam water from interfering with electrical processes. Additionally, components utilized in or close to the ocean have to be corrosion-resistant, as saltwater can easily erode the wrong materials. Many aviation business parts, such as engines, can also be used within the transportation business. Product analysis and testing are just as puffer jacket important to the transportation sector as it's to the air and space business, as it affects people’s security and talent to journey. Vehicle designers want to test bodily part prototypes in order that they know the way to|tips on how to} change their original designs and models for better outcomes.

    ReplyDelete