Cookies help us display personalized product recommendations and ensure you have great shopping experience.

By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
SmartData CollectiveSmartData Collective
  • Analytics
    AnalyticsShow More
    big data and customer service outsourcing
    How Data Analytics Improves Customer Service Outsourcing
    18 Min Read
    How a Specialized Marketing VA Improves Campaign Analytics
    How a Specialized Marketing VA Improves Campaign Analytics
    11 Min Read
    New Data Analytics Breakthroughs Give eCommerce Startups a Fighting Chance
    New Data Analytics Breakthroughs Give eCommerce Startups a Fighting Chance
    6 Min Read
    How Data Analytics Is Reshaping Patient Financing Decisions
    How Data Analytics Is Reshaping Patient Financing Decisions
    13 Min Read
    business using business intelligence
    How to Use a Competitive Intelligence Dashboard to Turn Market Data Into Smarter Marketing Decisions 
    9 Min Read
  • Big Data
  • BI
  • Exclusive
  • IT
  • Marketing
  • Software
Search
© 2008-25 SmartData Collective. All Rights Reserved.
Reading: The Sum of All Fears: From Vulnerability to Exploit, the Importance of Patch Management
Share
Notification
Font ResizerAa
SmartData CollectiveSmartData Collective
Font ResizerAa
Search
  • About
  • Help
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
SmartData Collective > IT > Security > The Sum of All Fears: From Vulnerability to Exploit, the Importance of Patch Management
Security

The Sum of All Fears: From Vulnerability to Exploit, the Importance of Patch Management

onlinetech
onlinetech
3 Min Read
SHARE

Why is patch management so important? If your servers aren’t updated and managed properly, your data and applications are left vulnerable to hackers, identity thieves and other malicious attacks against your systems.

Why is patch management so important? If your servers aren’t updated and managed properly, your data and applications are left vulnerable to hackers, identity thieves and other malicious attacks against your systems.

And when it comes to sensitive data and national industry compliance standards, such as HIPAA and PCI DSS compliance, your company can’t afford to suffer a data breach or theft, as the fines and estimated financial loss per data breach record continues to rise each year.

More Read

The Panama Papers- It’s all about the data!
Digital Transformation Has Spurred an Unexpected Renaissance in the Age of Big Data
AI Leads to Powerful New Fraud Detection Software for E-commerce
Big Data: Important Ways To Protect Yourself Online
2 Ways Your Data Might Be Skewed Without Your Knowledge

The above video was a concept exploit of the recent vulnerability MS11-83.  The theory behind MS11-83 is that you can send specially crafted UDP packets to a target machine and gain access to it, whether the port is closed or not.

By comparison, the much talked about Stuxnet variant “Duqu” uses a Win32k TrueType font parsing engine vulnerability to inject itself into target machines.  Unlike MS11-83, Duqu is a real-world example of the exploit that has the ability to cause considerable damage and spread itself by embedding itself into Microsoft Word documents sent as email attachments or even USB keys.

In each of these cases these vulnerabilities are known, and fixes have been released (though in Duqu’s case, there is only a temporary patch), and have been disseminated down to WSUS servers and individual computers worldwide.  While MS11-083 has been patched within a week, Duqu was detected in the middle of October, with Microsoft releasing an advisory three weeks later.  This exemplifies the importance of immediate patch management.  One can little afford to not keep their public facing servers up-to-date with the latest patches.

Security is a paramount concern of clients, but so is the stability of your IT operations. Clients often mix and match patching levels to balance these two concerns. At Online Tech, we offer three different levels of patch management, notify clients of outstanding updates waiting to be applied, and offer any assistance with patch installation to ensure comprehensive security measures are implemented accurately and timely.

References:

Microsoft Security Bulletin MS11-083 – Critical
Microsoft Security Advisory: Vulnerability in TrueType Font Parsing Could Allow Elevation of Privileges
JFY: ms11-083
Duqu Exploits Same Windows Font Engine Patched Last Month, Microsoft Confirms

Share This Article
Facebook Pinterest LinkedIn
Share

Follow us on Facebook

Latest News

big data and customer service outsourcing
How Data Analytics Improves Customer Service Outsourcing
Analytics Exclusive
The End of Unstructured Marketing: Forcing Generative AI into Strict HTML Schemas
The End of Unstructured Marketing: Forcing Generative AI into Strict HTML Schemas
Artificial Intelligence Exclusive
How a Specialized Marketing VA Improves Campaign Analytics
How a Specialized Marketing VA Improves Campaign Analytics
Analytics Exclusive
ai marketing tools
The 9 AI Tools Marketers Use to Create Images and Video in 2026
Artificial Intelligence Exclusive

Stay Connected

1.2KFollowersLike
33.7KFollowersFollow
222FollowersPin

You Might also Like

ai underscores risks of passwordless authentication
Artificial Intelligence

AI Underscores Passwordless Authentication Risks for Internet Users

6 Min Read

Can We Trust Salesforce for Business in the Cloud?

24 Min Read
how vpns can protect your data
Big DataExclusiveSecurity

Here’s How VPNs Can Protect Against Big Data Leaks

5 Min Read
Image
Security

After years in hiding, SQL Slammer worm returns with a vengeance

2 Min Read

SmartData Collective is one of the largest & trusted community covering technical content about Big Data, BI, Cloud, Analytics, Artificial Intelligence, IoT & more.

ai chatbot
How AI Website Chatbots Improve Customer Support and Lead Generation
Chatbots Exclusive
ai is improving the safety of cars
From Bolts to Bots: How AI Is Fortifying the Automotive Industry
Artificial Intelligence

Quick Link

  • About
  • Contact
  • Privacy
Follow US
© 2008-26 SmartData Collective. All Rights Reserved.
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?