Trend Micro (EMEA) Limited, profile picture
Uploaded byTrend Micro (EMEA) Limited
PPTX, PDF631 views

Real-life patch test - vulnerabilities found in one simple server in 6 months

The document discusses the extensive overhead and challenges of applying patches to a Windows Server 2008 R2 virtual machine, which revealed 31 important security updates over a six-month period, with many requiring system reboots. It highlights the difficulty of managing patch updates in mission-critical systems and suggests the use of virtual patching as an alternative solution to enhance security without the need for immediate system downtime. Recommendations are provided for improving patch management processes and assessing associated costs and risks.

Embed presentation

Downloaded 12 times
Vulnerabilities found in one server in 6 months A real-life patch test Copyright 2011 Trend Micro Inc.
Whether you patch monthly… Or every six months Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 2
Whether you patch monthly… Or every six months The time and resource overhead is significant Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 3
Whether you patch monthly… Or every six months The time and resource overhead is significant And are you even secure? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 4
One of our Solution Architects PATCH put a simple virtual machine TEST through it’s paces… with fascinating results… Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 5
26 July 2011 Simple VM built with WIN2008 R2 only… No apps, no IIS, no SQL Server This build could equally apply to a physical server Copyright 2011 Trend Micro Inc. 6
6 months later… A large number of updates are available Remember this is still only one VM running nothing more than WIN2008 R2 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 7
Look up the Knowledge Base number and find the update 6 months Now the hard later… work begins…. A large number of updates are available Remember this is still only one VM running nothing more than WIN2008 R2 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 8
Take a closer look at the updates 09 AUG 2011… 7 important updates… 13.2MB… REBOOT REQUIRED 23 AUG 2011… 1 important update… 3.6MB… NO REBOOT 13 SEP 2011… 3 important updates… 65.4MB… NO REBOOT 11 OCT 2011… 4 important updates… 34.6MB… REBOOT REQUIRED 25 OCT 2011… 1 important update… 36K… NO REBOOT 08 NOV 2011… 2 important updates… 2.4MB… REBOOT REQUIRED 13 DEC 2011… 5 important updates… 26.1MB… REBOOT REQUIRED 29 DEC 2011… 3 important updates… 14.3MB… NO REBOOT 10 JAN 2011… 5 important updates… 19.1MB… REBOOT REQUIRED Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 9
A total of 31 important security updates were announced over 6 RESULTS months, with approx. every other patch requiring a reboot Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 10
How can you reboot a mission critical system that cannot be taken offline? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 11
How can you reboot a mission critical system that cannot be taken offline? How can you reboot any system during a CHANGE FREEZE? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 12
Significant cross-referencing and assessment of each update needs to be IMPACT undertaken by a skilled administrator. What else will the update impact? What else is vulnerable? What is the impact on our risk posture? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 13
Patch detail Patch #1 Cumulative Security Update for ActiveX Killbits for Windows Server 2008 R2 x64 Edition (KB2618451) http://go.microsoft.com/fwli nk/?LinkID=232507 ms11-090 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 14
Patch detail Patch #1 PATCH #2 Cumulative Security Cumulative Security Update for ActiveX Killbits Update for Internet for Windows Server 2008 Explorer 9 for Windows R2 x64 Edition Server 2008 R2 x64 (KB2618451) Edition (KB2618444) http://go.microsoft.com/fwli http://go.microsoft.com/fwli nk/?LinkID=232507 nk/?LinkID=232505 ms11-090 ms11-099 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 15
Patch detail Patch #1 PATCH #2 PATCH #3 Security Update for Cumulative Security Cumulative Security Microsoft .NET Framework Update for ActiveX Killbits Update for Internet 3.5.1 on Windows 7 and for Windows Server 2008 Explorer 9 for Windows Server 2008 R2 SP1 for x64- R2 x64 Edition Server 2008 R2 x64 based Systems (KB2618451) Edition (KB2618444) (KB2539635) http://go.microsoft.com/fwli http://go.microsoft.com/fwli http://go.microsoft.com/fwlink nk/?LinkID=232507 nk/?LinkID=232505 /?LinkID=218325 ms11-090 ms11-099 ms11-069 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 16
Patch detail Patch #1 PATCH #2 PATCH #3 Security Update for Cumulative Security Cumulative Security Microsoft .NET Framework Update for ActiveX Killbits for Windows Server 2008 WHICH WILL Update for Internet Explorer 9 for Windows 3.5.1 on Windows 7 and Server 2008 R2 SP1 for x64- R2 x64 Edition Server 2008 R2 x64 based Systems (KB2618451) http://go.microsoft.com/fwli YOU PATCH?? Edition (KB2618444) http://go.microsoft.com/fwli (KB2539635) http://go.microsoft.com/fwlink nk/?LinkID=232507 nk/?LinkID=232505 /?LinkID=218325 ms11-090 ms11-099 ms11-069 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 17
Some hours later and all 31 security updates located and assessed 23 out of 31 patches are related to security vulnerabilities Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 18
1 VM, 1 OS, 31 patches 23 of which relate to security vulnerabilities Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 19
1 VM, 1 OS, 31 patches 23 of which relate to security vulnerabilities For a typical organisation with servers running 50 multiple operating systems and applications, this is a costly and resource intensive operation Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 20
1 VM, 1 OS, 31 patches 23 of which relate to security vulnerabilities For a typical organisation with servers running 50 multiple operating systems and applications, this is a costly and resource intensive operation Unlike the simple VM, most organisations will not be able to automatically install updates. Individual updates or batches of updates will need to be tested and deployed manually to allow for them to be backed out in case of problems during installation. Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 21
How do you balance operational efficiency with security? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 22
How do you balance operational efficiency with security? You want to install the minimum number of security patches for BASE LEVEL protection Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 23
How do you balance operational efficiency with security? You want to install the minimum number of security patches for BASE LEVEL protection But you want visibility of all security vulnerabilities? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 24
Virtual Patching: Proactively shield vulnerabilities Solution in critical systems, even without patching Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 25
Trend Micro Deep Security Virtual Patching Solution  Detects and blocks known and zero-day attacks that target vulnerabilities  Shields web application vulnerabilities  Increased visibility into, or control over, applications accessing the network  Fully integrates with VMware and provides visibility at the hypervisor level, removing the risk of attacks not being visible within virtualised environments Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 26
Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 27
On the same VM running WIN2008 R2 This screen shows results of Trend Micro Deep Security Recommendation Scan : Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 28
On the same VM running WIN2008 R2 This screen shows results of Trend Micro Deep Security Recommendation Scan : … After security updates concerning local logon, SSL protocol and kernel were discounted… …. Deep Security identified and proactively shielded 13 security updates … And then identified and shielded a further 11 security updates for which there may be no patches Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 29
Recommendations Assess the effectiveness of your patch 1 management process Calculate the cost and risk of emergency 2 patching Request a demo of Trend Micro Deep Security 3 And see how virtual patching could reduce IT resources and costs while enhancing the security and compliance of your data centre applications www.trendmicro.co.uk 01628 400552 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 30

More Related Content

PPTX
December 2018 Patch Tuesday Analysis
byIvanti
 
PPTX
2022 February Patch Tuesday
byIvanti
 
PPTX
January Patch Tuesday 2019
byIvanti
 
PDF
Fr july2021 patchtuesday_final-atendeesslides
byIvanti
 
PPTX
2021 July Patch Tuesday
byIvanti
 
PPTX
2021 August Patch Tuesday
byIvanti
 
PPTX
French Patch Tuesday April 2021
byIvanti
 
PDF
August 2021 Patch Tuesday slides - French
byIvanti
 
December 2018 Patch Tuesday Analysis
byIvanti
 
2022 February Patch Tuesday
byIvanti
 
January Patch Tuesday 2019
byIvanti
 
Fr july2021 patchtuesday_final-atendeesslides
byIvanti
 
2021 July Patch Tuesday
byIvanti
 
2021 August Patch Tuesday
byIvanti
 
French Patch Tuesday April 2021
byIvanti
 
August 2021 Patch Tuesday slides - French
byIvanti
 

What's hot

PPTX
2021 September Patch Tuesday
byIvanti
 
PPTX
May 2021 Patch Tuesday
byIvanti
 
PPTX
July 2017 Patch Tuesday - Ivanti
byIvanti
 
PDF
Qlik view server reference manual eng
byRaja Gopal Rao Vishnudas
 
PDF
Bruh! Do you even diff?—Diffing Microsoft Patches to Find Vulnerabilities
byPriyanka Aash
 
PPTX
April 2017 patch tuesday ivanti
byChris Goettl
 
PPTX
January2017 patchtuesdayshavlik
byLANDESK
 
PPTX
September 2017 Patch Tuesday
byIvanti
 
PPTX
Patch Tuesday Analysis - March 2017
byIvanti
 
PPTX
July Patch Tuesday 2020
byDan Lalli
 
2021 September Patch Tuesday
byIvanti
 
May 2021 Patch Tuesday
byIvanti
 
July 2017 Patch Tuesday - Ivanti
byIvanti
 
Qlik view server reference manual eng
byRaja Gopal Rao Vishnudas
 
Bruh! Do you even diff?—Diffing Microsoft Patches to Find Vulnerabilities
byPriyanka Aash
 
April 2017 patch tuesday ivanti
byChris Goettl
 
January2017 patchtuesdayshavlik
byLANDESK
 
September 2017 Patch Tuesday
byIvanti
 
Patch Tuesday Analysis - March 2017
byIvanti
 
July Patch Tuesday 2020
byDan Lalli
 

Viewers also liked

PPTX
Thomson Reuters: Transforming the workplace with desktop virtualisation
byTrend Micro (EMEA) Limited
 
PPTX
The year that shook the world
byTrend Micro (EMEA) Limited
 
PPTX
Smart, Data-Centric Security for the Post-PC Era
byTrend Micro (EMEA) Limited
 
PPTX
Data Centre Evolution: Securing Your Journey to the Cloud
byTrend Micro (EMEA) Limited
 
PPTX
Targeted Attacks: Have you found yours?
byTrend Micro (EMEA) Limited
 
PPTX
Targeted Attacks: Have you found yours?
byTrend Micro (EMEA) Limited
 
PDF
32 Ways a Digital Marketing Consultant Can Help Grow Your Business
byBarry Feldman
 
Thomson Reuters: Transforming the workplace with desktop virtualisation
byTrend Micro (EMEA) Limited
 
The year that shook the world
byTrend Micro (EMEA) Limited
 
Smart, Data-Centric Security for the Post-PC Era
byTrend Micro (EMEA) Limited
 
Data Centre Evolution: Securing Your Journey to the Cloud
byTrend Micro (EMEA) Limited
 
Targeted Attacks: Have you found yours?
byTrend Micro (EMEA) Limited
 
Targeted Attacks: Have you found yours?
byTrend Micro (EMEA) Limited
 
32 Ways a Digital Marketing Consultant Can Help Grow Your Business
byBarry Feldman
 

Similar to Real-life patch test - vulnerabilities found in one simple server in 6 months

DOC
Notable Changes In Windows 7 And Windows Server 2008 R2 Service Pack 1
byTimothy Jeffries
 
PDF
Windows Server 2008 Security Overview Short
byEduardo Castro
 
PDF
Windows Server 2008 Security Overview Short
byEduardo Castro
 
PDF
2010-03 Yesterday's Trusted Web Sites are Today's Malicious Servers
byRaleigh ISSA
 
PDF
Session 1: Windows 8 with Gerry Tessier
byCTE Solutions Inc.
 
PDF
CNIT 123 8: Desktop and Server OS Vulnerabilities
bySam Bowne
 
PPTX
Kurt baumgartner lan_deskse2012
byKurt Baumgartner
 
PDF
CNIT 123 Ch 8: OS Vulnerabilities
bySam Bowne
 
PPT
0828 Windows Server 2008 新安全功能探討
byTimothy Chen
 
PDF
McAfee Foundstone Update
bywebhostingguy
 
PPTX
How Microsoft Technologies And Windows Vista Improve Supporting
byMicrosoft TechNet
 
PPTX
Delivering Security with GFI MAX - Mark Petrie
byMAXfocus
 
PPTX
Client management.ppt
byAlex de Jong
 
PDF
Ch 8: Desktop and Server OS Vulnerabilites
bySam Bowne
 
PPTX
Delivering Security with the MAX RemoteManagement Platform - Paul Fenwick
byMAXfocus
 
PPTX
Ivanti Patch Tuesday for June 2020
byIvanti
 
PPTX
Ivanti Patch Tuesday for March 2020
byIvanti
 
PPTX
June2017 patchtuesdayivanti
byIvanti
 
PPTX
Stopping the Adobe, Apple and Java Software Updater Insanity
byLumension
 
PDF
Endpoint Security Shifting Paradigms 5
bytafinley
 
Notable Changes In Windows 7 And Windows Server 2008 R2 Service Pack 1
byTimothy Jeffries
 
Windows Server 2008 Security Overview Short
byEduardo Castro
 
Windows Server 2008 Security Overview Short
byEduardo Castro
 
2010-03 Yesterday's Trusted Web Sites are Today's Malicious Servers
byRaleigh ISSA
 
Session 1: Windows 8 with Gerry Tessier
byCTE Solutions Inc.
 
CNIT 123 8: Desktop and Server OS Vulnerabilities
bySam Bowne
 
Kurt baumgartner lan_deskse2012
byKurt Baumgartner
 
CNIT 123 Ch 8: OS Vulnerabilities
bySam Bowne
 
0828 Windows Server 2008 新安全功能探討
byTimothy Chen
 
McAfee Foundstone Update
bywebhostingguy
 
How Microsoft Technologies And Windows Vista Improve Supporting
byMicrosoft TechNet
 
Delivering Security with GFI MAX - Mark Petrie
byMAXfocus
 
Client management.ppt
byAlex de Jong
 
Ch 8: Desktop and Server OS Vulnerabilites
bySam Bowne
 
Delivering Security with the MAX RemoteManagement Platform - Paul Fenwick
byMAXfocus
 
Ivanti Patch Tuesday for June 2020
byIvanti
 
Ivanti Patch Tuesday for March 2020
byIvanti
 
June2017 patchtuesdayivanti
byIvanti
 
Stopping the Adobe, Apple and Java Software Updater Insanity
byLumension
 
Endpoint Security Shifting Paradigms 5
bytafinley
 

Recently uploaded

PPTX
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
PDF
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
PPTX
The Transformative Technology in Contemporary Businesses
bygreyaudrina
 
PDF
Effortless Distributed Systems with Aspire.pdf
byParticular Software
 
PDF
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
PDF
How AI Can Help Platform Engineers Build Better Platforms
byAll Things Open
 
PPTX
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
PPTX
GenerationAI Paris 2025 | AI in Tech: Beyond Expectations, Into Execution
byapidays
 
PDF
Transcript: Escape from the Forbidden Zone: Smuggling green and inclusive tec...
byBookNet Canada
 
PPTX
Microsoft Azure News - February 2026 - BAUG
byDaniel Toomey
 
PDF
Preserve workload integrity during cross-architecture migration
byPrincipled Technologies
 
PPTX
apidays Paris 2025 | Building Agentic Workflows
byapidays
 
PDF
February 2026 Patch Tuesday hosted by Chris Goettl and Todd Schell
byIvanti
 
PPTX
Do You Control the AI, or Does the AI Control You?
bymedhateltoukhy
 
PDF
apidays New York 2025 | AI in Application Security
byapidays
 
PDF
From Hallucinations to High-Confidence AI with Data Enrichment.pdf
byPrecisely
 
PPTX
PPTX game guess the logo with a twistppt
byAdrianAnig
 
PDF
Odoo Implementation Checklist: A Strategic ERP Blueprint for Business-Ready D...
byBANIBRO IT SOLUTION
 
PDF
HOW TO OVERCOME THE THREATS OF ARTIFICIAL INTELLIGENCE AGAINST HUMANITY.pdf
byFaga1939
 
PPTX
Celonis Optimizing your future with process
bydevjeremyappleyard
 
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
The Transformative Technology in Contemporary Businesses
bygreyaudrina
 
Effortless Distributed Systems with Aspire.pdf
byParticular Software
 
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
How AI Can Help Platform Engineers Build Better Platforms
byAll Things Open
 
Introducing VisualSim 2610 The Next Leap in System Level Modeling
byDeepak Shankar
 
GenerationAI Paris 2025 | AI in Tech: Beyond Expectations, Into Execution
byapidays
 
Transcript: Escape from the Forbidden Zone: Smuggling green and inclusive tec...
byBookNet Canada
 
Microsoft Azure News - February 2026 - BAUG
byDaniel Toomey
 
Preserve workload integrity during cross-architecture migration
byPrincipled Technologies
 
apidays Paris 2025 | Building Agentic Workflows
byapidays
 
February 2026 Patch Tuesday hosted by Chris Goettl and Todd Schell
byIvanti
 
Do You Control the AI, or Does the AI Control You?
bymedhateltoukhy
 
apidays New York 2025 | AI in Application Security
byapidays
 
From Hallucinations to High-Confidence AI with Data Enrichment.pdf
byPrecisely
 
PPTX game guess the logo with a twistppt
byAdrianAnig
 
Odoo Implementation Checklist: A Strategic ERP Blueprint for Business-Ready D...
byBANIBRO IT SOLUTION
 
HOW TO OVERCOME THE THREATS OF ARTIFICIAL INTELLIGENCE AGAINST HUMANITY.pdf
byFaga1939
 
Celonis Optimizing your future with process
bydevjeremyappleyard
 

Real-life patch test - vulnerabilities found in one simple server in 6 months

  • 1.
    Vulnerabilities found inone server in 6 months A real-life patch test Copyright 2011 Trend Micro Inc.
  • 2.
    Whether you patch monthly… Or every six months Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 2
  • 3.
    Whether you patch monthly… Or every six months The time and resource overhead is significant Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 3
  • 4.
    Whether you patch monthly… Or every six months The time and resource overhead is significant And are you even secure? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 4
  • 5.
    One of ourSolution Architects PATCH put a simple virtual machine TEST through it’s paces… with fascinating results… Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 5
  • 6.
    26 July 2011 Simple VM built with WIN2008 R2 only… No apps, no IIS, no SQL Server This build could equally apply to a physical server Copyright 2011 Trend Micro Inc. 6
  • 7.
    6 months later… A large number of updates are available Remember this is still only one VM running nothing more than WIN2008 R2 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 7
  • 8.
    Look up the Knowledge Base number and find the update 6 months Now the hard later… work begins…. A large number of updates are available Remember this is still only one VM running nothing more than WIN2008 R2 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 8
  • 9.
    Take a closerlook at the updates 09 AUG 2011… 7 important updates… 13.2MB… REBOOT REQUIRED 23 AUG 2011… 1 important update… 3.6MB… NO REBOOT 13 SEP 2011… 3 important updates… 65.4MB… NO REBOOT 11 OCT 2011… 4 important updates… 34.6MB… REBOOT REQUIRED 25 OCT 2011… 1 important update… 36K… NO REBOOT 08 NOV 2011… 2 important updates… 2.4MB… REBOOT REQUIRED 13 DEC 2011… 5 important updates… 26.1MB… REBOOT REQUIRED 29 DEC 2011… 3 important updates… 14.3MB… NO REBOOT 10 JAN 2011… 5 important updates… 19.1MB… REBOOT REQUIRED Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 9
  • 10.
    A total of31 important security updates were announced over 6 RESULTS months, with approx. every other patch requiring a reboot Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 10
  • 11.
    How can youreboot a mission critical system that cannot be taken offline? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 11
  • 12.
    How can youreboot a mission critical system that cannot be taken offline? How can you reboot any system during a CHANGE FREEZE? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 12
  • 13.
    Significant cross-referencing and assessment of each update needs to be IMPACT undertaken by a skilled administrator. What else will the update impact? What else is vulnerable? What is the impact on our risk posture? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 13
  • 14.
    Patch detail Patch #1 Cumulative Security Update for ActiveX Killbits for Windows Server 2008 R2 x64 Edition (KB2618451) http://go.microsoft.com/fwli nk/?LinkID=232507 ms11-090 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 14
  • 15.
    Patch detail Patch #1 PATCH #2 Cumulative Security Cumulative Security Update for ActiveX Killbits Update for Internet for Windows Server 2008 Explorer 9 for Windows R2 x64 Edition Server 2008 R2 x64 (KB2618451) Edition (KB2618444) http://go.microsoft.com/fwli http://go.microsoft.com/fwli nk/?LinkID=232507 nk/?LinkID=232505 ms11-090 ms11-099 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 15
  • 16.
    Patch detail Patch #1 PATCH #2 PATCH #3 Security Update for Cumulative Security Cumulative Security Microsoft .NET Framework Update for ActiveX Killbits Update for Internet 3.5.1 on Windows 7 and for Windows Server 2008 Explorer 9 for Windows Server 2008 R2 SP1 for x64- R2 x64 Edition Server 2008 R2 x64 based Systems (KB2618451) Edition (KB2618444) (KB2539635) http://go.microsoft.com/fwli http://go.microsoft.com/fwli http://go.microsoft.com/fwlink nk/?LinkID=232507 nk/?LinkID=232505 /?LinkID=218325 ms11-090 ms11-099 ms11-069 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 16
  • 17.
    Patch detail Patch #1 PATCH #2 PATCH #3 Security Update for Cumulative Security Cumulative Security Microsoft .NET Framework Update for ActiveX Killbits for Windows Server 2008 WHICH WILL Update for Internet Explorer 9 for Windows 3.5.1 on Windows 7 and Server 2008 R2 SP1 for x64- R2 x64 Edition Server 2008 R2 x64 based Systems (KB2618451) http://go.microsoft.com/fwli YOU PATCH?? Edition (KB2618444) http://go.microsoft.com/fwli (KB2539635) http://go.microsoft.com/fwlink nk/?LinkID=232507 nk/?LinkID=232505 /?LinkID=218325 ms11-090 ms11-099 ms11-069 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 17
  • 18.
    Some hours laterand all 31 security updates located and assessed 23 out of 31 patches are related to security vulnerabilities Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 18
  • 19.
    1 VM, 1OS, 31 patches 23 of which relate to security vulnerabilities Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 19
  • 20.
    1 VM, 1OS, 31 patches 23 of which relate to security vulnerabilities For a typical organisation with servers running 50 multiple operating systems and applications, this is a costly and resource intensive operation Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 20
  • 21.
    1 VM, 1OS, 31 patches 23 of which relate to security vulnerabilities For a typical organisation with servers running 50 multiple operating systems and applications, this is a costly and resource intensive operation Unlike the simple VM, most organisations will not be able to automatically install updates. Individual updates or batches of updates will need to be tested and deployed manually to allow for them to be backed out in case of problems during installation. Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 21
  • 22.
    How do youbalance operational efficiency with security? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 22
  • 23.
    How do youbalance operational efficiency with security? You want to install the minimum number of security patches for BASE LEVEL protection Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 23
  • 24.
    How do youbalance operational efficiency with security? You want to install the minimum number of security patches for BASE LEVEL protection But you want visibility of all security vulnerabilities? Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 24
  • 25.
    Virtual Patching: Proactivelyshield vulnerabilities Solution in critical systems, even without patching Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 25
  • 26.
    Trend Micro DeepSecurity Virtual Patching Solution  Detects and blocks known and zero-day attacks that target vulnerabilities  Shields web application vulnerabilities  Increased visibility into, or control over, applications accessing the network  Fully integrates with VMware and provides visibility at the hypervisor level, removing the risk of attacks not being visible within virtualised environments Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 26
  • 27.
    Trend Micro Confidential2/23/2012 Copyright 2011 Trend Micro Inc. 27
  • 28.
    On the sameVM running WIN2008 R2 This screen shows results of Trend Micro Deep Security Recommendation Scan : Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 28
  • 29.
    On the sameVM running WIN2008 R2 This screen shows results of Trend Micro Deep Security Recommendation Scan : … After security updates concerning local logon, SSL protocol and kernel were discounted… …. Deep Security identified and proactively shielded 13 security updates … And then identified and shielded a further 11 security updates for which there may be no patches Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 29
  • 30.
    Recommendations Assess the effectiveness of your patch 1 management process Calculate the cost and risk of emergency 2 patching Request a demo of Trend Micro Deep Security 3 And see how virtual patching could reduce IT resources and costs while enhancing the security and compliance of your data centre applications www.trendmicro.co.uk 01628 400552 Trend Micro Confidential 2/23/2012 Copyright 2011 Trend Micro Inc. 30