Patching & Updating Exercise Solution

Exercise 1: Updating your applications solution

Summary

To install a patch or update, you first need to identify the asset inventory, i.e. what you have to allow the upgrade. Then you need to compare the current version of applications installed to the lasted versions available. This information can usually be found on the applications' official webpage.

There are many reasons not to patch, some of them are:

• Don't realize an update is needed
• Don't know or understand the impact of the update
• Fearful it will disrupt us
• Want to make sure the application is fully tested before installed

If possible, always keep your software and applications up to date, the easiest way to do it is to enable auto-update.

Exercise 2: Microsoft Security Resource Center (MSRC) solution

Summary

Microsoft provides numerous resources to help their clients stay current with updates to Microsoft products. Organizations of all types and sizes use them as part of their daily business. Security professionals often need to lead the updating process to ensure those products stay current and free from known vulnerabilities.

Students should become familiar with the MSRC, the Security Update Guide FAQ, and the SUG list of product updates (screenshots below).