Zero day threats take advantage of unknown or unpatched vulnerabilities and continue to cause massive damage and the fallout from the theft of the NSA discovered exploits such as EternalBlue, resulted in numerous impactful malware attacks all throughout last year including WannaCry, NotPetya and BadRabbit. WannaCry is still active in the wild and infecting unpatched PCs.
In May 2018 Panda Security Technology Strategist Josu Franco stated “the single most effective measure to mitigate cybersecurity risk is patching”. He continued “And we are not talking about patching absolutely everything, Focus on patching vulnerabilities for which an exploit has been confirmed”. According to a recent IBM X-Force report, 99% of exploited vulnerabilities had a patch available for over 1 year.
However managing and installing patches can be resource and time consuming with patches being released by software vendors constantly. In fact it made the news last October the fact that for one month there were no security patches for Adobe Flash player – the first time since July 2012. Though they made up 6 days later with an emergency security patch for Flash, to squash a bug with a known exploit and malware in the wild that utilised it.
The number of flaws and vulnerabilities recorded in 2017 is overwhelming, reaching 20,000, 38% more than in the previous five years combined. Vulnerable software is not just a Microsoft problem though, according to the National Vulnerability Database, 86% of security flaws were found on third-party applications (Adobe, Java, Chrome, etc.).
Panda Security will be releasing a full Patch Management module integrated into the same console as our Panda Endpoint Protection (EPP) and Panda Adaptive Defense (EDR) solution, covering Microsoft and almost 100 other software products for third parties.
- Automating the Patch Management process
- Mitigates Risks
- Reduces Costs
- Greater Efficiency
So you can dedicate more time to strategic projects.
– Neil Martin, Marketing Manager, Panda Security