https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Master Agents
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity & Inclusion
  • MSSP Insider
  • MSP 501
    • Back
    • Apply Now
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • Videos
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
    • Channel Educational Series
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
    • Channel Convergence
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Content Resources
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • Excellence in Digital Services
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Master Agents
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity & Inclusion
  • MSSP Insider
  • MSP 501
    • Back
    • Apply Now
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • Videos
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
    • Channel Educational Series
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
    • Channel Convergence
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Content Resources
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • Excellence in Digital Services
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Security


Internet security

Times Are a-Changin’, But You Still Need to Patch

  • Written by Channel
  • September 14, 2016
Microsoft has announced a change to the servicing models for all pre-Windows 10 operating systems.

Chris GoettlBy Chris Goettl

This September 2016 Patch Tuesday will be the final Patch Tuesday on the old servicing model. Starting in October, Microsoft has announced a change to the servicing models for all pre-Windows 10 operating systems. I have had a number of questions from customers, partners, other vendors and companies I have spoken to since the announcement. My advice remains the same, which I describe in this post.  This change will require all of us to make some adjustments, and application compatibility and the risks associated with exceptions are the areas that will be most impacted. 

I went through an exercise earlier today to show what I mean.  

If you look at the average bulletin and vulnerability counts for each Patch Tuesday this year, we are averaging about three CVEs per bulletin. Given the explanation from Microsoft’s blog post, I revisited each Patch Tuesday for 2016 and refigured the total bulletin count we would have seen in under the new model and the average CVEs per bulletin changes to around 12 CVEs per bulletin.

Selling Security: Verizon’s 2016 Data Breach Investigations Report finds cybercriminals are exploiting everything from web apps to human nature. Channel partners are in a perfect position to help clients fight back and win. Here’s how.

The bottom line here is exceptions due to application-compatibility issues will become more compounded from a risk perspective. Companies will have to do more rigorous application-compatibility testing to ensure things to don’t break when these larger bundled security updates are pushed to systems. If there is a conflict, vendors that conflict with the updates are going to be under more pressure to resolve issues. Where companies may have accepted an exception for one or two vulnerabilities, an exception that causes 20 vulnerabilities to go unpatched will have a very different reaction.

Next month as we investigate the October Patch Tuesday release we will have more details, and will discuss the realities of the new servicing model in our monthly Patch Tuesday webinar, so plan to join us for that. 

My forecast for this Patch Tuesday was pretty close. There’s the Flash Player update and 14 bulletins from Microsoft. Microsoft’s 14 bulletins include seven critical and seven important updates resolving a total of 50 unique vulnerabilities, including an IE zero day (CVE-2016-3351) and a public disclosure (CVE-2016-3352).  

Adobe released a total of three bulletins, but only Flash Player was rated as critical or priority 1 in Adobe severity terms. This update resolves 29 vulnerabilities. The other two Adobe bulletins resolve nine vulnerabilities, but both are rated Priority 3, which is the lowest rating Adobe includes for security updates.  

As I mentioned last week, Google also recently released a Chrome update, so be sure to include this browser update in your monthly patch maintenance as it includes additional security fixes.  

Digging in a layer deeper on higher priority updates: 

MS16-104 is a critical update for Internet Explorer that resolves 10 vulnerabilities, including a zero-day exploit (CVE-2016-3351), making this a top priority this month. This bulletin includes vulnerabilities that target end users. The impact of several of the vulnerabilities can be mitigated by proper privilege management, meaning if the user exploited is a full user, the attacker also has full rights. If the user is less than a full user, then the attacker must find additional means to elevate privileges to exploit the system further.  

MS16-105 is a critical update for edge browser that resolves 12 vulnerabilities. This bulletin includes vulnerabilities that target end users, and the impact of several of the vulnerabilities can be mitigated by proper privilege management.

MS16-106 is a critical update for Windows Graphics that resolves fives vulnerabilities. GDI patches often impact more than just the Windows OS, as GDI is a common component used across many Microsoft products. This month it appears the GDI update is only at the OS level, which I believe was a first this year.  

MS16-107 is a critical update for Office and SharePoint which resolves 13 vulnerabilities. Now when I say this affects Office and SharePoint, I mean ALL variations — all versions of Office, Office Viewers, SharePoint versions including SharePoint 2007. You may see this show up on machines more than once depending on what products and viewers are on each system. This bulletin includes vulnerabilities that target end users, and the impact of several of the vulnerabilities can be mitigated by proper privilege management.

MS16-108 is a critical update for exchange server that resolves three vulnerabilities. In reality, this update addresses more, as it includes Oracle Outside in Libraries which released an update in July. This adds 18 additional vulnerabilities to the resolved vulnerability count for this bulletin. This bulletin does include a user targeted vulnerability. An attacker could send a link that has a specially crafted URL which would allow redirection of an authenticated exchange user to a malicious site designed to impersonate a legitimate website.  

MS16-110 is an important update resolving four vulnerabilities. Now, you may be asking, why include this one important update in the high priority updates for this month? Well, that is because of CVE-2016-3352, which was publicly disclosed. This means enough information was disclosed before the update was released, giving attackers a head start on building exploits. This puts this bulletin into a higher priority, as it stands a higher chance of being exploited. The vulnerability is a flaw in NTLM SSO requests during MSA login sessions. An attacker who exploits this could attempt to brute force a user’s NTLM password hash.  

MS16-116 is a critical update in VBScript Scripting Engine that resolves one vulnerability. This update must be installed along with the IE update MS16-104 to be fully resolved. This bulletin includes vulnerabilities that target end users and the impact of several of the vulnerabilities can be mitigated by proper privilege management.

MS16-117 is a critical update for Adobe Flash Player plug-in for Internet Explorer. This bulletin resolves 29 vulnerabilities, several of which do target a user.  

APSB16-29 is a priority 1 update for Adobe Flash Player that resolves 29 vulnerabilities. With Flash Player updates you will typically have two to four updates to apply to each system. Flash Player and plug-ins for IE, Chrome, and FireFox.  

Chris Goettl is the senior product manager for Shavlik’s Protect and Patch product lines. Chris started his career working in IT.  In 2004 he joined the Shavlik team and worked his way from front line support of the products to Systems Engineer, Product Trainer, Product Owner, and for the last three years, as Product Manager.

Tags: Agents Cloud Security

Related


  • SASE network edge
    Aruba Fully Integrates Silver Peak SD-WAN, Unveils SASE Strategy
    HPE bought Silver Peak last year and brought it into the Aruba business unit.
  • Convergence
    New, Changing Partner Programs: HPE, Zoom, Fortinet, Microsoft, More
    Telecom and IT vendors are courting partners to sell their solutions.
  • Survey says
    Cloud Communications Market Rocked by Microsoft, COVID-19 in 2020
    The perceived competitiveness of Slack and Google slid year over year.
  • Fuel Pump
    Vonage, Oracle, Salesforce Vets to Fuel Talkdesk Partners' Growth
    In the first two months of 2021, reseller partners have extended Talkdesk's global reach.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • SASE Takes: Service Providers Mull SD-WAN Complexity as Comcast, Versa Enhance AI Capabilities
  • T-Mobile 5G Network to Augment Lumen's Edge Computing Platform
  • AireSpring Partners Get Additional Support from Axis, Star2Star, TPx Vets
  • The CF List: 20 Top UCaaS Providers You Should Know

Galleries

View all

Recent M&A Frenzy Highlights Trend of Private Equity Firms Targeting MSPs

April 22, 2021

Industry Perspectives

View all

What the Recent Microsoft Exchange Vulnerabilities Mean for Channel Partners

April 21, 2021

Annual MSP Benchmark Survey Reveals Remote Work Still a Top Challenge

April 20, 2021

Why Digital Transformation Is the ‘Invisible Hand’ of Our Time

April 19, 2021

Webinars

View all

Health Care and SD-WAN: A Seller’s Guide

April 27, 2021

How MSPs Can Leverage SOCaaS to Improve Security & Grow Revenue

May 20, 2021

Agility & Engagement Lessons for Driving Growth

February 11, 2021

White Papers

View all

Hacker Personas: A Deeper Look into Cybercrime

April 20, 2021

Carbonite Data Protection and Cyber Resilience

April 15, 2021

Top Tips: How Resellers Can Leverage Rackspace to Enhance Customer’s Cyber Security Protection with Microsoft 365 Security

March 30, 2021

Upcoming Events

View all

MSP Summit

November 1, 2021 - November 2, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Channel Evolution Europe

November 30, 2021 - December 1, 2021

Videos and Fastchats

View all

ACC’s Nancy Ridge on Gender Diversity in the Channel

5 Reasons Diversity, Equity and Inclusion Is Important

April 14, 2021

Five9 Shares Insights on Implementing a DE&I Strategy

April 13, 2021

FASTCHAT: How Fortinet Reduces Complexity Through Networking, Security

March 31, 2021

Twitter

ChannelFutures

#MSP acquisitions are seriously taking off as private equity firms are chomping at the bit to buy. We asked our par… twitter.com/i/web/status/1…

April 22, 2021
ChannelFutures

.@TrendMicro rolls out revamped #partnerprogram. #cloudsecurity dlvr.it/RyFPk8 https://t.co/Pkwba4Ue7d

April 22, 2021
ChannelFutures

.@NetAppPartners will be able to co-sell @rubrikInc cloud data management and protection. dlvr.it/RyFPfQ https://t.co/Ot1Jsq9ZcS

April 22, 2021
ChannelFutures

We have the ability to make a difference in the tech industry, but that can only happen when we all work together t… twitter.com/i/web/status/1…

April 22, 2021
ChannelFutures

#Upstack hires Scott Forbush as CRO to lead inorganic growth strategy. @C_Trapp dlvr.it/RyDDb6 https://t.co/B3AAcb587S

April 22, 2021
ChannelFutures

RT @InformaTechHQ: Happy #WorldEarthDay! To mark the day our CEO Gary Nugent highlights the importance of technology and how it can be a dr…

April 22, 2021
ChannelFutures

.@cisco and @HP make huge #sustainability pledges for @EarthDay #EarthDay dlvr.it/RyCyNG https://t.co/T56157sj6p

April 22, 2021
ChannelFutures

.@pulsesecure #VPN hack prompts federal emergency directive. dlvr.it/Ry9TWn https://t.co/5KKQWvGYRN

April 21, 2021

MSSP Insider

Business advice for MSSPs and news from the broader security channel.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X