Network Security Knowledge Understanding Patches and Software Updates

Basic requirements for network security level protection The evaluation control point under the intrusion prevention evaluation of secure computing environment requires that “the known vulnerabilities that may exist should be discovered, and the vulnerabilities should be repaired in a timely manner after sufficient testing and evaluation.” Basically call it a patch.

In the “Guidelines for High-Risk Determination of Network Security Level Protection” TISEAA 001-2020, it is clarified that there are high-risk vulnerabilities that can be exploited in the application system as a high-risk item, and its scope of application is the system above the second level. , framework, component or business function, etc. Of course, repairing the vulnerability needs to be connected to the Internet, and the risk of remote attack is high if the vulnerability is not repaired, but the intranet system can be analyzed according to the specific situation, and the risk level can be determined as appropriate. Therefore, in the process of judging high-risk risks, comprehensive analysis is also required, neither excessive interpretation nor too mechanical, but this degree of mastery requires more comprehensive knowledge to support.

What is a patch?

Patches are software and operating system (OS) updates that address security vulnerabilities in a program or product. Software vendors may choose to release updates to fix performance bugs, as well as provide enhanced security features.

How do I find out which software updates need to be installed?

When software updates are available, vendors usually put them on their website for users to download. Install updates as soon as possible to protect our computers, phones or other digital devices from attackers exploiting system vulnerabilities. Attackers could target vulnerabilities months or even years after updates are available. Some software automatically checks for updates, and many vendors offer users the option to receive updates automatically. If they are not available, check the vendor’s website regularly for updates.

Make sure we only download software updates from trusted vendor websites.

Don’t trust links in emails — attackers use emails to direct users to websites that host malicious files masquerading as legitimate updates. Users should also be wary of emails claiming to have attached software update files – these attachments may contain malware.

If possible, only apply automatic updates from trusted network locations (eg, home, work). Avoid updating software (automatically or manually) while connected to untrusted networks (eg, airports, hotels, coffee shops). If the update must be installed over an untrusted network, use a virtual private network connection to a trusted network and apply the update.

What is the difference between manual update and automatic update?

Users can install updates manually or choose to have their software programs update automatically.

Manual updates require the user or administrator to visit the vendor’s website to download and install the software files.

Automatic updates require user or administrator consent when installing or configuring software. Software updates are automatically “pushed” (or installed) to our systems once we agree to automatic updates.

What is obsolete software?

From time to time, vendors discontinue support for or release software updates for software programs (also known as end-of-life)[EOL]software). Continued use of EOL software creates corresponding risks to our systems, allowing attackers to exploit security holes. Using unsupported software can also lead to software compatibility issues and reduced system performance and productivity.

Users and administrators are advised to deactivate all EOL products.

Best Practices for Software Updates

Enable automatic software updates whenever possible. This will ensure that software updates are installed as soon as possible.

Do not use unsupported EOL software.

Always go directly to the supplier’s website instead of clicking on an ad or email link.

Avoid software updates when using an untrusted network.

New vulnerabilities are constantly emerging, but the best defense against attackers exploiting patched vulnerabilities is simple: keep our software up to date. This is the most effective measure we can take to protect our computers, phones and other digital devices.

The Links:   LM215WF3-SDB1 KCS3224ASTT-X7 IGBT-STOCK