Attackers have learned that one of the easiest and most successful ways to successfully take control of a network is to launch attacks against vulnerable programs on your systems. It is almost certain that you are not protected against these attacks—at least not until you take important steps.
Many viruses and other malware exploit vulnerabilities in applications. Are all of your patches current for applications such as Adobe Acrobat, Flash, Java, Microsoft Office, etc.?
In some cases, the application patches are even more important than OS patches—although both are important.
Attackers often exploit applications before the vendor has issued a patch to prevent the exploit. These attacks are referred to as zero-day exploits.
Your organization’s IT professionals need to create a list of applications in order to apply patches ASAP because, unless they identify all of your applications, they will not be able to patch all of them.
Ensure that new application patches get tested first on non-production machines. The test needs to be instituted immediately after the patch is released. Desktop and server virtualization can help IT with the testing process by providing a method to run server and workstation configurations on a single piece of hardware for testing.
Please post your comments on this blog.