PrintNightmare Vulnerability Reveals the Challenges of Patch Management

In its June 2021 “Patch Tuesday” release, Microsoft addressed a local privilege escalation weakness in the Windows Print Spooler service. However, researchers soon found a more serious vulnerability in the service — a remote code execution attack called PrintNightmare. Microsoft issued an out-of-band patch to fix this vulnerability, and urged administrators to apply it immediately.

Microsoft Print Nightmare

The new patch did not address all aspects of the bug in every scenario, so it was updated at least twice. Even then, there was no guarantee the patch would work. Some security experts recommended that organizations turn off print spooling even though printers wouldn’t work.

The PrintNightmare saga is just one example of the challenges of patch management, the process of repairing vulnerabilities in an organization’s IT infrastructure in order to maintain security. Enterprise organizations often receive dozens of critical patches and updates every day, which can overwhelm time-strapped IT teams. Not surprisingly, most organizations find it difficult to apply patches and updates on a timely basis.

A managed services provider (MSP) can reduce your exposure. MSPs have highly trained personnel, proven processes, and remote monitoring and management solutions that enable them to manage patches for all devices and applications on the network.

 

Pitfalls of Poor Patch Management

While consumers are accustomed to having patches automatically installed on their PCs, IT managers have to approach patches with caution. Patches are often buggy or have installation problems, and any problems can have a cascading effect throughout the IT environment.

As a result, patches require comprehensive testing to ensure that they’ll work without causing system downtime or hampering network performance. According to a Ponemon Institute survey, it takes organizations an average of 12 days to coordinate the application of a single patch across all devices.

Because patch management requires time, personnel and resources that many organizations lack, security holes often go unplugged. The Department of Homeland Security estimates that 85 percent of successful network exploits involve unpatched machines. In many cases, patches that would have prevented the exploits had been available but unapplied for a year or more.

Attempting to patch vulnerabilities on the fly is a recipe for disaster because it’s virtually impossible to keep up with the volume of patches. Patch management tools enable administrators to automate the process, but only after taking inventory of all the software installed throughout the environment and configuring policies for patch deployment. Administrators must also ensure that device firmware is updated when needed.

 

How GDS Can Help

A better approach, especially for organizations with limited in-house IT resources, is to outsource patch management to an MSP. The MSP will ensure that patches are prioritized, tested, scheduled and kept up to date. Your organization will be better protected against threats that can result in costly downtime and data loss.

The PrintNightmare saga is just one example of the challenges of patch management. 

GDS offers Managed Infrastructure and Managed Desktop solutions that incorporate proactive maintenance and the prompt application of patches and updates. We stay abreast of vendor patch releases, and prioritize critical bug fixes and updates that could put your organization at risk. We also manage the testing and rollout of patches to minimize business disruption.

All of our voice, collaboration and connectivity solutions are fully managed, so you never have to worry about patching. We handle everything from end to end for simplicity and peace of mind.

PrintNightmare is just the latest bad dream in the world of patch management. Many IT administrators are grappling with hundreds of patches each week that must be tracked, tested and implemented. However, putting patch management on the back burner is a risky proposition. Let GDS take over your patch management and keep your organization protected.

  


 

Benefits of Managed IT Services from Global Data Systems

  • Strategic Managed IT: We help you solve your technology related business problems.
  • Connectivity: We get you reliable, secure connectivity anywhere in the western hemisphere in 48 hours.
  • Support: When you need help simply call our 24x7x365 support number.
  • Billing: Instead of managing hundreds of vendors - get one, easy to read bill from GDS.

Contact Managed Services Provider, Global Data Systems >