Stan Beer
Tuesday, 09 May 2006 19:05
Business IT -
Security
The Asia Pacific vice president of patch management software vendor, Patchlink, believes that is a growing incidence of hackers targeting non-Microsoft platforms.
According to Neal Gemassmer, Vice President of PatchLink APAC, recent
evidence shows that Microsoft is now just one of many targets for
hackers.
"With many organisations emphasising Patch Tuesday, while the number of
non-Microsoft vulnerabilities grows, enterprises may be lulled into a
false sense of security. Out of the one-hundred new vulnerabilities
reported by SANS in the first week of April 2006, ninety-six were
non-Microsoft software-related vulnerabilities," said Mr Gemasser.
"These statistics re-enforce PatchLink's assertion that regardless of
the operating system or application in which a new vulnerability
arises, customers need to patch across multiple platforms and
application layers.
"As IT environments become increasingly heterogeneous, hackers are
increasingly targeting non-Microsoft, browsers, platforms and
applications. The best network security strategy is to ensure that all
systems across the network have the most up-to-date patches, software
updates and policy changes, regardless of if its a Microsoft product or
not.”
Microsoft is planning to issue three critical fixes (2 Security Updates
for Windows, 1 Security Update for Exchange), which may require a
restart. In order to maintain business continuity and provide ongoing
protection across the enterprise, IT administrators need to carefully
complete a thorough and accurate inventory of their IT assets and
prioritise the patching process. IT administrators need to test the
critical patches in their respective environments to ensure there are
no disruptions to their environment before deploying them across the
entire network.