Index | Tools | Patches | E-Commerce | Communications | Surfing | Internet Settings

Starting with Patch Management and Control

---

Managing patches is an issue of critical importance to system administrators and IT managers or home owners or customers who have started a new business needing a secure method to protect their computers and their assets to ensure the business continuity, and Microsoft offers a number of tools to help you manage patches and simplify the task of keeping systems up-to-date. Start here with guidance that will help you to assess your environment and implement an effective software update and security patch management strategy..

The Patch Management Process

Patch management is a circular process and must be ongoing. The unfortunate reality about software vulnerabilities is that, after you apply a patch today, a new vulnerability must be addressed tomorrow.

Develop and automate a patch management process that includes each of the following:

• Detect: Use tools to scan your systems for missing security patches. The detection should be automated and will trigger the patch management process.
• Assess: If necessary updates are not installed, determine the severity of the issue(s) addressed by the patch and the mitigating factors that may influence your decision. By balancing the severity of the issue and mitigating factors, you can determine if the vulnerabilities are a threat to your current environment.
• Acquire:If the vulnerability is not addressed by the security measures already in place, download the patch for testing.
• Test:Install the patch on a test system to verify the ramifications of the update against your production configuration.
• Deploy:Deploy the patch to production computers. Make sure your applications are not affected. Employ your rollback or backup restore plan if needed.
• Maintain: Subscribe to notifications that alert you to vulnerabilities as they are reported. Begin the patch management process again.

Testing

If the results of your assessment determine that a patch must be installed, you should test that patch against your system to ensure that no breaking changes are introduced or, if a breaking change is expected, how to work around the change.

back to top

Methods for Testing Security Patches

Methods used to test the installation of security patches against your systems include:

1. Testing security patches against a test mirror of your live server configuration and scenario. This method allows you to both test the installation offline, without disrupting service, and the freedom to test workarounds if a breaking change is introduced, again without disrupting service.
2. Testing the patch on a few select production systems prior to fully deploying the update. If a test network that matches your live configuration is not available, this is the safest method to introduce the security patch. If this method is employed, you must perform a backup prior to installing the update.

back to top

Windows Update

With a list of the updates you want to install, use Internet Explorer on the server that requires the patch, and access http://windowsupdate.microsoft.com/. Then select the required updates for installation. The updates are installed from the site and cannot be downloaded for installation on another computer. Windows Update requires that an ActiveX control is installed on the server (you will be prompted when you visit the site if the control is not found.) This method works well for standalone workstations or where a small number of servers are involved.

HotFix and Security Bulletin Search. MBSA includes the Microsoft Knowledge Base article ID of the corresponding article for a given security bulletin. You can use the article ID at the HotFix and Security Bulletin Search site to reach the matching security bulletin. The search page is located at Technet Security and Windows bulletin. The bulletin contains the details to acquire the patch.

There is an alternative option to get the windows update is manual procedure....Follow the steps below....

1. Open the Internet Explorer
2. Click on Tools option
3. Click Windows Update

Microsoft will start search the vulnerabilities on your client PC for any critical updates.. You may be prompted to install the updates with express option (recommended) or select custom option to customise your updates.

Screenshot shown below when doing Windows updates...

It is very important to keep the patches up to date and prevent the virus attacks or leaving the back door open to allow the hackers to gain into your PC and obtain and listen for your financial details and steal your pin and the password and to procure other items in your false presence to gain to fund their needs.

back to top

JavaScripting

If your PC is lacking of protection to prevent the virus or JavaScript attacks; we will show you how effective is JavaScript is. How programmable this function can execute to gain information from your PC and draw the information to the hacker.

In this example, it will not harm your PC but it will demonstrate how powerful it is when the JavaScript runs.

In this example, we created the JavaScript to pull the PC specification and display the data on the screen for your information without you asking for the information. The command will execute and identify your PC specifications.

• Central Processor Unit type
• Platform Type
• Screen Size
• Available Size
• Colour Depth
• System Language
• User Language
• Java Enabled
• Cookie Enabled

Click here to go the next page to see more about the JavaScript...

back to top