Blind Patch Ballet

Content Copyright © 2006 Bloor. All Rights Reserved.
Also posted on: Nigel Stanley

Like many people this morning I undertook the regular automatic update of my PC with three fixes from Microsoft.

http://www.microsoft.com/technet/security/bulletin/ms06-sep.mspx

It’s a bit like ballet as you nimbly install your patches, reboot your machine and dance around the room with fingers crossed hoping the PC will reboot and come alive again.

I, like many others, do this update blindly with no testing. Are we right to be so trusting?

Patches are complex things. They are released by software manufacturers to address bugs or security flaws in their applications, but patches carry little information on what other software will be affected by their installation.

In addition, patches can be presented in different formats, each of which operates in a slightly different way and has implications for effective patch deployment.

The pressure to apply patches is enormous. Each day that a system remains unpatched can mean another day that the system is vulnerable to malware or hacker attack.

If a patch is blindly installed on a PC it can affect the stability of the computer and lead to system crashes.

For example:

“Security patch crashes Explorer, Office…”

PC PRO April 2006 – http://www.pcpro.co.uk/news/news/86130

“Security patch crashes IE…”

PC PRO August 2006 – http://www.pcpro.co.uk/news/91983/security-patch-crashes-ie.html

“The Internet Explorer patch that Microsoft released earlier this month not only caused the browser to crash on many machines, but also produced an exploitable condition in IE that is currently unpatched.”

searchsecurity.com August 2006 – http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1212016,00.html

Historically, the only way to determine whether a patch will affect a PC is to laboriously load and test the patch against every application that has been installed on the PC. This can take many days and will never be a thorough test, as the number of component settings changed by a patch can be huge.

Alternatively many organisations will simply load the patch and hope it does not affect their PCs – often with disastrous results as the patches can take down other applications.

From a security point of view, a fully patched PC is one of the best safeguards against malware and hacker attacks and is a vital component in an Assured business.

But how long will I be able to play blind patch ballet before my PC trips and falls over on the dance floor?