Before joining the Windows iX IT PRO Security team I spent my last 11 years working in the enterprise support field, where 5 were at Microsoft CSS (former PSS). During the Conficker outbreak I was in Oklahoma for New Years Eve 2008/2009 (which BTW is pretty cool) and while I was there I wrote this post about blocking Conficker proliferation via ISA Server. Six months later I kept hearing comments from the IR (Incident Response) folks about getting new cases related to Conficker. I remember talking to one of those guys and hearing from him that some companies were without patches for years. We are not talking about small offices; I’m talking about enterprise level type of company with thousands of workstations and hundreds of servers - unpatched.
While it is hard to believe that this type of practice still happening, today reading this article I got the confirmation that Conficker didn’t teach the full lesson to everybody. Unfortunately the reality is that there are still many servers and workstations (regardless of the OS) unpatched out there. In other hand, it is also very good to see that people are warning about that in many ways, such as with an article like this: “Patch Management Crucial to Defend Against Cyber-Attacks: Report” that explains how important it is to patch and beyond that, how important it is to make sure all platforms are patched. The article has a great statement, that says:
“While Windows vulnerabilities receive wide attention, Norman security experts also warned that IT administrators in enterprises, government and small to midsize businesses (SMBs) should focus on patch management involving all major operating systems, including Microsoft Windows, Linux, Mac OS, Sun Solaris and HP.”
If you don’t know where to start on patch management subject for your Microsoft platform or if you want to review if you patch management strategy is correct, go ahead and download the Microsoft Security Update Guide, Second Edition – this is a great source of information about this subject.