Managing Unpatched Third-Party Software
As the saying goes, “One bad apple can spoil the whole bunch”: a single vulnerable machine acting as a backdoor can lead to massive cyberattacks that bring down the whole organizational network. As the majority of machines rely on non-Microsoft applications for different purposes, even minor security flaws can make the systems vulnerable to cyberattacks.
As technologies evolve, attackers also develop new ways to exploit vulnerabilities. A patch can be a record of a change or any update with an additional feature or a bug fix. In these days of zero-day and Blackhole exploits, unpatched software can open up opportunities for hackers looking for a loophole to enter the network.
Microsoft, being a tech giant, always keeps an eye on its software and performs regular bug fixes. This drives cyberattackers to target the third-party applications running on corporate machines. In most cases, an unpatched software vulnerability remains invisible to the organization, exposing the enterprise to high security risks. Erroneously declining a critical software update could lead to security flaws that result in major theft of data and intellectual property. Any security hole in the network will expose an organization to severe security threats, allowing attackers to open a remote command prompt with administrator privileges. Once the attackers successfully gain access to a remote CMD, they can open up a backdoor to initiate the attack.
Since third-party applications that might not be secure enough make up a significant part of an enterprise system, hackers have little trouble intruding into the system. A breach of security can have a severe impact when confidential information is compromised. Some of the possible results of an attack include permanent loss of confidential information or intellectual property, financial loss, and reputational harm.
Last month, Adobe released a security update for a critical vulnerability in Flash Player that hackers were exploiting. The Flash Player vulnerability, tracked as CVE-2016-4117, affects Flash Player versions until 188.8.131.52, released for Windows, OS X, Chrome OS, and Linux. The company reported that any successful exploitation could compromise the system, allowing attackers to take complete control. Fortunately, Adobe was quick to patch it.
The Way Out
Keeping systems and applications updated is the key to being safe from cyberattacks. Most of the frequently used attack vectors, like email attachments and malicious websites, generally utilize unpatched vulnerabilities in third-party applications. It is important for organizations to choose applications from reputed vendors. Organizations have to maintain a strong patch management process that ensures the safety of applications from potential threats.
When an update is released, attackers may reverse engineer the underlying vulnerabilities. While this process may take up to a few weeks depending on the code involved, timely patching is important, as it is one of the most effective steps to minimize exploits. Moreover, an updated antivirus and endpoint protection application is important on every machine to maintain security. An Intrusion Detection and Prevention System with an updated firewall can safeguard the organizational network from attacks being initiated in the network. Employee education and safety awareness also play a vital role in organizational network security.