Productive Corporation

Download

Patching Third Party Apps What You Need to Know.pdf (123.83 KB)

For years, the term "patching" has been virtually synonymous with Microsoft applications. While that reputation has occasionally been  well deserved, third-party applications have evolved into an equally severe threat. As this SecurityWeek report points out, third-party applications now account for nearly 70% of all vulnerabilities on typical endpoint. Of those third-party apps, Adobe products have proven particularly susceptible to attacks. One recent study even notes that six out of every 10 enterprise users are running vulnerable versions of Adobe Reader.

In short, you need to have a structure in place that will allow you to deal with third-party application patching.

Start with a strategy
That's easier said than done, however. As this whitepaper* from security software provider Secunia points out, the combination of 1) ever-mutating strains of malware and 2) unique patch-management/update programs for specific applications can be an overwhelming task. According to the Secunia report, an IT administrator can need expertise with more than a dozen programs to securely patch a typical endpoint.

What's the answer? Start with a strategy that addresses the key questions-what third-party patches to apply, how to measure their effectiveness, how to deal with off-site and mobile device users, and the like. This article* from the TechTarget.com network and these whitepapers from Lumension* and Shavlik all offer detailed looks at the fundamentals of a sound strategy. Finally, it also pays to keep abreast of what Microsoft is recommending in terms of patching best practices; this Redmondmag.com article offers insight into that process, along with links to key Microsoft resources.

Software solutions
There is also an ever-expanding universe of software solutions that can address third-party patch management. Two free options are Microsoft's agent-based Windows Server Update Services (WSUS) and IT.Shavlik, a Web-based application that scans a network for patches and provides links to any missing ones. Both work well for smaller networks-i.e., those with 25 nodes or less. In contrast, full-featured security suites such Shavlik NetChk Protect offer automated patch management among numerous other features. Big Fix Patch Management allows users to patch for multiple platforms and apps. One notable new offering is  Secunia's Corporate Software Inspector, which can install third-party patches and also integrates with WSUS. Generally speaking, the price tag for these offerings start in the $2,000 to $3,000 range, depending on the size of your environment.

Find out more
For more information on patching third-party applications, contact Productive Corporation:

• Phone: 1.800.726.4099
• Email: help@productivecorp.com

*Free registration required to access the content.