7 Steps to Developing a Strong Patch Management Strategy

We’ve all been there before. You log into your laptop, only to be greeted by a pop-up reading “Updates are ready to install.” If you’re like most people, you either click the “Remind Me Later” button or simply ignore the message. But system updates are designed to patch important security flaws in your operating system; by ignoring them, you create new security gaps that open your network up to vulnerabilities. This is why Windows 10 has removed the option for users to ignore or repeatedly delay updates.

Unpatched systems are playgrounds for hackers, especially those using automated exploit kits to secretly launch attacks. As an SMB or MSP, you might believe your company or clients safe, but, in reality, 43% of cyberattacks target small businesses. It’s therefore vital that they take initiative in applying preventative measures, and one of the simplest ways to do this is by keeping systems up to date with software patches. This is especially important to keep in mind if you’re running operating systems older than Windows 10.

How Cybercriminals Probe and Exploit Systems

Exploit kits are a quick and efficient way for hackers to find vulnerabilities in your unpatched software. In a recent Webroot podcast, Joe Panettieri compared exploit kits to the probe droids from “Star Wars: Empire Strikes Back” that scan the planet looking for any sign of a Rebel base. Similarly, exploit kits can “probe” or audit machines in search of vulnerabilities. When a flaw is discovered, they can automatically deliver malicious payloads like malware, ransomware or cryptomining scripts.

The EternalBlue attacks of 2017, which exploited an unpatched flaw in Windows XP’s file sharing protocol, were a good example of this strategy. Unfortunately, Windows systems make formidable targets for exploit kits. In fact, our research revealed that the number of IPs hosting Windows exploits grew 75% between January and June 2019 alone.

Microsoft itself has issued several major patch warnings for Windows 7, Windows 10 and Windows XP, noting that it’s “highly likely malicious actors will write an exploit” for older Windows systems. With the end of support for Windows 7 in January, now is the time to create a patch management strategy.

A Solid Patch Management Strategy Is Vital

An effective patch management strategy gives you a clear-cut process for deploying all missing software and application patches as soon as they’re announced. And when it comes to protecting against exploit kits, speed is crucial. Patch warnings often disclose the vulnerability, which can prompt cybercriminals to create exploit kits for out-of-date machines. This means that, as soon as you know about the security flaw, so do hackers. Currently, the average time to patch is 102 days. That gap is simply too large to be considered safe.

With the right patch management strategy, you’ll be less likely to delay or ignore important fixes when released.

Tips for Developing a Strong Patch Management Strategy

Ready to protect your business against exploits? Here are some steps every patch management strategy should include:

Step 1: Take an inventory of your IT devices, operating systems, OS versions and third-party applications.

Step 2: Categorize by risk and priority (using a high, medium or low score for each).

Step 3: Utilize virtual machines (VMs), and run patches on those environments first to perform patch validation. Back up your test data.

Step 4: Develop patch management policies by establishing when you will patch and what will be patched first. For example, “Every Friday, we patch Windows OS.”

Step 5: Roll out your patches and apply them as soon as possible. Use your RMM to patch and manage your own network and/or your SMB clients’ networks.

Step 6: Document your patch management processes and procedures.

Step 7: Keep up to date with vendor patch announcements.

What’s Next?

I encourage you to learn more about “locking down” your MSP business and your customers against exploit kits and other cybersecurity attacks by checking out our Lockdown Lessons series.

Start a free Webroot Endpoint protection trial and see for yourself how our solutions can help you prevent threats and maximize growth.

Tim Sheahen is senior director of sales.

This guest blog is part of a Channel Futures sponsorship.