The Network Security. Org

WMF Vulnerability Sparks Patch Program

The Windows Metafile (WMF) vulnerability, which emerged in the last week of 2005 and was resolved with a patch that Microsoft released off its regular patch schedule at the end of the first week of 2006, wasn't good news at all. But I managed to wring a good outcome out of the situation, since it allowed me to give some structure to our patch management process.

Before this threat arose, efforts to deploy a patch management process had been met with excuses. Resources were short. A Systems Management Server (SMS) upgrade was being deployed. And as a general rule, engineers are resistant to patching because it could harm their ability to work. When the WMF vulnerability came to light, I saw an opportunity to finally institute a patch management process without listening to a lot of moaning. Unfortunately, it sometimes takes a serious incident or the threat of one to bring about change in an IT organization. WMF Vulnerability Sparks Patch Program - Computerworld

More News

• Several vulnerabilities closed in the Linux kernel
  



• 8 Best Practices for Encryption Key Management and Data Security
  



• Free Honeypot Client Could Sting Malware
  



• What Firewalls Do & Donot Do
  



• Symantec fingers D Link for bot attacks
  



• WhiteHat: 90% of Sites Still Vulnerable
  



• Red Hat releases free security code
  



• A new type of Bluetooth security
  



• Dude, where is my perimeter?
  



• Scaring users into IT security
  



• VMware fixes security bugs
  



• The top 10 security land mines
  



• Encrypt volumes through a cross platform GUI with TrueCrypt 5.0
  



• The threat of the Ajax Super Worm
  



• eEye to Add Retina Web App Scanner
  



• FTP Hacking on the Rise
  



• Microsoft Patches 12 Office Security Holes
  



• Malware removes rival rootkits
  



• Security holes in VLC media player patched
  



• Five basic mistakes of security policy