GFI Software issues advisory in advance of Patch Tuesday
Tomorrow is what is commonly known as Patch Tuesday in the lands of Microsoft and Adobe. It's the time of the month when the two software giants attempt to fix the bugs and security holes in their software by issuing a series of updates that are intended to benefit users. The practice of waiting to issue these updates is debatable, especially when exploits are available in the wild.
These updates, at least in the case of Microsoft, can also cause as much harm as good. Given that possibility, security company GFI issued an advisory in advance of the upcoming patches. "In light of the reboot loop problems resulting from the Microsoft patches issued in April, businesses need to have the ability to test patches, or have a trusted third-party test them, before deploying on corporate networks and PCs, in order to minimize potential downtime caused by a faulty patch" says Cristian Florian, product manager at GFI Software.
GFI contends that there needs to be insight into patching liabilities and a need for an understanding for businesses about what they are installing and how it will affect their IT systems. Given the endless reboot cycle that some Windows 7 computers suffered last month, this is a fair contention.
Many IT departments hold off on these updates, pending testing. However that is also not a great solution as it leaves systems vulnerable to attacks from hackers who reverse-engineer the flaws once they are disclosed.
"All the updates included in tomorrow’s Patch Tuesday have been listed as critical and are important for businesses to deploy" adds Florian. "They will remove some vulnerabilities that could be exploited to gain backdoor access to an organization’s network".