Ignoring advice to patch systems can have severe consequences – as victims of the WannaCry and NotPetya ransomware attacks know. Earlier this year, Microsoft became aware of vulnerabilities in the SMB v1 protocol affecting its legacy operating systems – the Windows XP and Windows 7 OS versions – and issued patches for them. A proper way to secure an enterprise’s IT is to ensure automatic patch updates using effective patch management software.
The WannaCry and NotPetya attacks were widespread and caused significant damage. Although their spread was contained by exploiting bugs in the malware code, cyber criminals demonstrated that they could quickly release modified versions that could not be contained. NotPetya is considered to be not really ransomware but a data destroyer in the guise of ransomware. It primarily targeted Ukrainian government institutions, raising suspicions of nation-state involvement.
The Need to Update Patches
This is a big question. IT security administrators in an enterprise know that regular patch updates are important and must not be ignored. However, surveys have revealed that enterprises continue to use legacy operating systems that no longer receive any support from the software provider. Microsoft stopped mainstream support for its Windows XP and Windows 7 versions as early as 2015, and it is providing extended support through security updates only until January 2020.
Yet even with numerous vulnerabilities being exposed, many organizations continue to run Windows XP and Windows 7. Their reasons for staying on these operating systems are:
- funding requirement for software upgrade
- funding requirement for hardware upgrade
- possible lack of support for vital, legacy applications
Why Some Organizations Don’t Apply Patches
The main reasons for not applying patch updates are:
- Inability of the IT admin to manage patches for numerous endpoints
- Lack of an automatic patch management software system
- Possibility of new patch updates crashing the IT systems (this has happened quite frequently)
- Fear of new OS patches rendering the applications incompatible with the OS
In many businesses, applications that are important to the business flow may be hosted on legacy systems. An OS update may then require software updates that are expensive and not financially feasible. In such cases, the enterprise must resort to alternative security measures:
- Ensure enhanced security for legacy systems – employ regular vulnerability scans, and define stricter access control for those systems.
- Regularly monitor these systems for any suspicious behavior – an effective endpoint security solution that monitors processes in real time would be necessary.
- Implement an automated patch management software system for other systems on the enterprise network.