Presenting at the Black Hat USA conference this week, Trend Micro had an interesting comment:

Over the last few years, we’ve noticed a disturbing trend – a decrease in patch quality and a reduction in communications surrounding the patch. This has resulted in enterprises losing their ability to accurately estimate the risk to their systems. It’s also costing them money and resources as bad patches get re-released and thus re-applied.

This comment was made in explanation of their new 0/30/60/90 timeline for patches.  But it brings up a very painful point.

Let’s say a vulnerability is announced and a patch is available.  Organizations schedule time to implement these patches – and if you have thousands or tens of thousands of systems, that’s no joke.  Then after getting all stakeholders agreed and people lined up to do the work (it’s always in the middle of the night), there’s an exhausting push and then some exec gets a report saying that the enterprise is safe.

Now imagine if the next day you got an email saying “actually, that didn’t really fix things, you need to do it all over again”.  This is how murders happen.

So TM’s approach is to slow down a little, which is a double-edged sword.  If you rush out a fix and later need to patch the patch, at least you’ve hopefully blunted the initial assault.  On the other hand, if you want longer before releasing a more polished/tested patch, people’s systems might already be violated.

Read more about TM’s approach on Zero Day Initiative blog.

• Author
• Recent Posts

raindog308

Dread Lord of LowEnd Content at LowEndBox

I'm raindog308, techno polymath and long-time LowEndTalk community Administrator. My technical interests include all things Unix, perl, python, golang, shell scripting, vintage operating systems such as MVS, and relational database systems such as Oracle, PostgreSQL, and MySQL.

I also enjoy using LEBs! I have an empire of little guys for VPNs, larger guys for apps, and big guys for databases and storage. When I'm not in front a screen I'm into German Shepherd dogs, quality knives, target shooting, theology, tabletop roleplaying games, and forest hiking.

I enjoy writing technical articles here on LowEndBox to help people get more out of their systems. You can find me on LowEndTalk @raindog308

Latest posts by raindog308 (see all)

• Gloo.top – a Cool LowEndTalk Member Link Shortener You Should Check Out! - April 18, 2024
• Setup a Highly Available WordPress Site From Scratch, 2024 Edition!Part 7: Round-Robin DNS, Let’s Encrypt, & Conclusion - April 17, 2024
• Let’s Check In: sh97’s Network Benchmark Script has Plenty of New Developments! - April 16, 2024