The term ‘patch’ triggers many familiar images – affixing a rubber patch to a blown bike tire, the ubiquitous duct tape repairs of myriad objects, and so on. While these temporary fixes won’t heal the underlying cause, they are a quick and easy solution. Our applications and software frequently need patches as well, to fix bugs, security flaws and add feature enhancements. However, in this case, patching is not a temporary band-aid, but rather a proactive planned strategy.

Patch management is the process of tracking security bug(s) and applying updates (code changes) on them in existing applications, software, or programs on a computer and other technologies to improve the functionality and security of already released programs installed in systems.

In the blink of an eye, you can miss a new business disrupting security incident. We all recognize that cybersecurity breaches are increasing in volume and sophistication. How we respond to them is critical. Security vulnerabilities force organizations to go outside of their daily activities to execute out-of-band responses. We face numerous challenges in managing security risk.

The objective of an organization when implementing cybersecurity controls is to eliminate risk, but this oftentimes involves settling for managing risk at an acceptable level. Each organization defines what that acceptable level is depending on several factors including the environment, the criticality of function, the asset type, etc. There are many methods and techniques that an organization can then use to manage this risk. One of the most commonly used methods is patching.

Enterprise IT administrators and technicians worldwide who are looking to take third-party patch management to the cloud or even expand their endpoint management capabilities can now rejoice, as Patch Connect Plus has introduced Intune Update Management to its patch management toolbox!

ESG research on cyber risk management, which involved 340 cybersecurity professionals, revealed that 40 percent felt tracking patch and vulnerability management over time was their biggest challenge.

Security researchers at Google have claimed that a quarter of all zero-day software exploits could have been avoided if more effort had been made by vendors when creating patches for vulnerabilities in their software.

On Tuesday, January 26, 2021, Apple released iOS and iPadOS 14.4. As with previous releases, each new OS update is available to all Apple devices capable of running iOS and iPadOS 14. If you’re an IT admin, you should evaluate how you want to approach the latest release. Do you want to accelerate or slow down the updates? One concern we often hear about is that the apps that a company is deploying may not be compatible or may not have been tested with the latest release.

On Tuesday, January 26, 2021, Apple released version 14.4 of its iOS, iPadOS, and tvOS products that included patches for three security vulnerabilities that affect iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation, as well as Apple TV.

Unpatched security vulnerabilities are utilized in the majority of data breaches and ransomware attacks. In fact, research shows that many CVEs go unfixed for long periods to time leaving companies open to unnecessary exposure. 60% of breaches involved vulnerabilities of which a patch was available but not yet applied. This is why vulnerability management is so important and not only having a plan but selecting the right tools to support your plan.