Understanding Patches

    Date08 Apr 2004
    3460
    Posted ByAnthony Pell
    Here is another helpful tip for you to give to your end-users, especially those who might connect to your buisness network with their own laptops. This one comes courtesy of CERT from the friendly folks at Carnegie-Mellon University. . . .

    Cyber Security Tip ST04-006

    Understanding Patches

    When vendors become aware of vulnerabilities in their products, they
    often issue patches to fix the problem. Make sure to apply relevant
    patches to your computer as soon as possible so that your system is
    protected.

    What are patches?

    Similar to the way fabric patches are used to repair holes in
    clothing, software patches repair holes in software programs. Patches
    are updates that fix a particular problem or vulnerability within a
    program. Sometimes, instead of just releasing a patch, vendors will
    release an upgraded version of their software, although they may refer
    to the upgrade as a patch.

    How do I find out what patches I need to install?

    When patches are available, vendors usually put them on their web
    sites for users to download. It is important to install a patch as
    soon as possible to protect your computer from attackers who would
    take advantage of the vulnerability. Some software will automatically
    check for updates, and many vendors offer users the option to receive
    automatic notification of updates through a mailing list. If these
    automatic options are available, we recommend that you take advantage
    of them. If they are not available, check your vendors' web sites
    periodically for updates.

    Make sure that you only download software or patches from web sites
    that you trust. Do not trust a link in an email message--attackers
    have used email messages to direct users to malicious web sites where
    users install viruses disguised as patches. Also, beware of email
    messages that claim that they have attached the patch to the
    message--these attachments are often viruses.
    _________________________________________________________________

    Both the National Cyber Security Alliance and US-CERT have identified
    this topic as one of the top ten for home users.
    _________________________________________________________________

    Author: Mindi McDowell

    This document is also available online:

    <http://www.us-cert.gov/cas/tips/ST04-006.html>
    _________________________________________________________________

    Copyright 2004 Carnegie Mellon University.

    Terms of use:

    <http://www.us-cert.gov/legal.html>

    You are not authorised to post comments.

    LinuxSecurity Poll

    Do you reuse passwords across multiple accounts?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    13
    radio
    [{"id":"55","title":"Yes","votes":"4","type":"x","order":"1","pct":80,"resources":[]},{"id":"56","title":"No","votes":"1","type":"x","order":"2","pct":20,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.