As a managed services provider, Quistor’s Managed Operational Security (MOS) department mitigates technical risks associated with customer security vulnerabilities. This article will explain Patch Management and how the MOS team uses a proactive approach to combat the exploitation of software-based security vulnerabilities arising from unpatched or outdated software.

Patch Management involves identifying vulnerabilities, and then acquiring, testing, and applying updates (patches) to the relevant software. This process is essential for mitigating potential security risks that could be exploited by cyberattacks, as outdated or unpatched systems are prime targets for hackers.

Regularly applying patches improves the security, stability, and functionality of systems and software, ensuring that they remain protected against known vulnerabilities.

Additionally, Patch Management also helps to maintain compliance with industry standards, reduces downtime caused by system failures, and improves system performance by addressing bugs or inefficiencies in the code.

A customer’s patching schedule and frequency are mutually agreed upon before the beginning of the year to align with business needs and operational priorities. By pre-defining the patching schedule, the MOS team helps minimise disruptions and allows customers to plan for potential downtime well before any patching windows.

Commonly, patching intervals are weekly, monthly, or quarterly, depending on what is in the patching scope and the frequency of vendor-released patches. For example, operating systems receive regular updates due to frequent security patches and functionality improvements, making weekly or monthly patching necessary to maintain the highest level of security and stability.

On the other hand, software such as Oracle Java, Oracle WebLogic, or Oracle Database follow a more predictable patching cycle, with scheduled updates being released once per quarter.

In the event of a critical or zero-day vulnerability being discovered, the MOS team will coordinate with the customer to apply patches as soon as possible, to mitigate risks and keep their systems secure.

The MOS team will acquire the required patches through Oracle or the vendor to ensure that the most up-to-date and secure versions are obtained directly from trusted sources.

Once acquired, the patch will then be tested by applying it to a controlled test environment to ensure that the update does not cause further issues or unexpected behaviour on the system, such as compatibility problems with other software, performance degradation, or disruptions to critical business services.

If issues are discovered during testing, the MOS team will work with the vendor to troubleshoot and resolve the issues before applying the patches to the customer’s live environment.

The MOS team reviews the latest critical-risk vulnerabilities daily to discover if any customer systems are affected. This proactive approach results in potential threats being identified swiftly and accurately, allowing for immediate action to protect customer environments.

If a vulnerability is discovered that has a common vulnerability and exposure score of 9.0 or above, that affects a customer’s system, the MOS team will promptly contact the customer to provide detailed information regarding the nature of the vulnerability and its potential impact, as well as to confirm a patching date to apply fixes and mitigate the vulnerability as soon as possible.

The MOS team’s goal is to minimise the window of exposure and prevent any opportunity for attackers to exploit the vulnerability.