DOCSLIB.ORG

Microsoft Security Update Guide Second Edition

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Microsoft Security Update Guide Second Edition Microsoft Security Update Guide Second Edition Helping IT Professionals Better Understand and Maximize Microsoft Security Update Release Information, Processes, Communications and Tools Microsoft Security Update Guide, Second Edition 2 i Microsoft Security Update Guide, Second Edition © 2011 Microsoft Corporation. All rights reserved. This document is provided "as-is." Information and views expressed in this document, including any URL and other Internet Web site references, may change without notice. You bear the risk of using it. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes. Microsoft Security Update Guide, Second Edition Contents Welcome ................................................................................................................................. 1 How to Use the Microsoft Security Update Guide ....................................................... 2 Introduction ........................................................................................................................... 2 Managing Vulnerabilities ...................................................................................................... 6 Purpose of this Guide ...................................................................................... 6 Vulnerability Management at Microsoft ............................................................ 7 Managing Security Updates by Using Microsoft Solutions ....................................... 9 Three Approaches to Security Updates ......................................................... 10 The Microsoft Security Update Release Process ........................................................ 15 How Microsoft Tests Security Updates .......................................................... 16 Application Compatibility Testing ................................................................. 17 Rootkit Detection.......................................................................................... 18 Security Test Pass ....................................................................................... 18 Security Update Validation Program............................................................ 19 Microsoft Security Release Communications ................................................ 19 Security Bulletin Advance Notification ......................................................... 19 Security Bulletin Summary ........................................................................... 20 Security Bulletin ........................................................................................... 20 Security Update ........................................................................................... 20 Knowledge Base (KB) Articles ..................................................................... 21 Security Advisory ......................................................................................... 21 Predictable Security Update Release Process ............................................ 21 Fraudulent Notifications That Target Microsoft Security Updates ................. 23 Customer Risk Management Framework ...................................................... 23 ii Microsoft Security Update Guide, Second Edition Stage 1: Receive Microsoft Security Release Communications ............................. 25 Microsoft Security Release Communications ................................................25 Receiving Microsoft Security Release Communications ...............................26 Stage 2: Evaluate Risk ....................................................................................................... 28 Determinations in the Risk Management Framework ....................................30 Does Your Organization Lack an Existing Risk Management Process? .......31 Identify Whether the Vulnerability Applies .....................................................31 Gathering Security Vulnerability Intelligence ...............................................32 Determining the Vulnerability Risk .................................................................35 The Microsoft Severity Rating System .........................................................36 Risk Evaluation Resources ..........................................................................38 Example: Applying Microsoft Guidance to Evaluate Risk ..............................46 Example: Applying Intelligence to Determine Risk Rating ...........................47 Security Update Deployment Considerations ................................................48 Stage 3: Evaluate Mitigation ........................................................................................... 54 A Viable Short-Term Security Control ............................................................55 Stage 4: Deploy Updates ................................................................................................. 59 The Deploying Microsoft Windows Server Update Services Guide ...............62 Standard and Urgent Deployments ................................................................62 Standard Package Application Process .........................................................62 Planning the Deployment ...............................................................................63 Example: Planning Security Update Deployment ........................................64 Is a Security Update Available for Download? ...............................................66 Obtaining the Required Security Update Files from a Trusted Source ..........67 Creating Update Packages ............................................................................68 Testing Update Packages ..............................................................................70 iii Microsoft Security Update Guide, Second Edition Test Environment ......................................................................................... 70 Pilot Deployment .......................................................................................... 72 Test Process Steps ...................................................................................... 72 Deploying Update Packages .......................................................................... 83 Submitting a Change Request ..................................................................... 86 Communicating the Rollout Schedule to the Organization .......................... 86 Installing the Update .................................................................................... 87 Accelerating Security Update Deployment .................................................... 89 Creating Update Packages .......................................................................... 89 Testing Packages ........................................................................................ 89 Deploying Packages .................................................................................... 89 Stage 5: Monitor Systems ................................................................................................ 90 Successful Update Deployment ..................................................................... 91 Confirming Update Installation ..................................................................... 92 Uninstalling Security Updates ...................................................................... 94 Post-Implementation Review ....................................................................... 96 Short-Term Mitigation Removal ................................................................... 96 Stage 6: Use Microsoft Resources to Track Security Developments .................... 97 Major and Minor Security Bulletin and Advisory Revisions ........................... 98 The Constant Threat from Malicious Software .............................................. 99 Other Security Resources ............................................................................ 101 Summary ............................................................................................................................ 102 Feedback ..................................................................................................... 102 Appendix ............................................................................................................................ 104 The Microsoft Security Update Release and Deployment Process Diagram104 Microsoft Security Update Terminology ....................................................... 106 iv Microsoft Security Update Guide, Second Edition Microsoft Security Updates ........................................................................107 Windows Update or Microsoft Update? .......................................................109 Security Update Policy for Non-Genuine Software ....................................110 Glossary and Commonly Used Terms .........................................................111 v Microsoft Security Update Guide, Second Edition Welcome A Message from Trustworthy Computing Security General Manager, Matt Thomlinson Welcome to the Microsoft Security Update Guide, Second Edition. Our aim with the Guide is to help you manage the process of deploying Microsoft security updates within your environment. Microsoft produces a lot of information and guidance about our security updates, and the Guide describes how to use these resources effectively to help make your
Load more

Recommended publications
  • Windows Server Update Services 3.0 SP2 Operations Guide
    Windows Server Update Services 3.0 SP2 Operations Guide Microsoft Corporation Author: Anita Taylor Editor: Theresa Haynie Abstract This guide describes how to manage Windows Server Update Services 3.0 SP2 (WSUS 3.0 SP2). You will find best practices and instructions for managing updates, maintaining client computers and groups, and running reports. This guide also offers server and client troubleshooting information. Copyright Notice Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted in examples herein are fictitious. No association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. © 2009 Microsoft Corporation. All rights reserved. Microsoft, Active Directory, ActiveX, Authenticode, Excel, InfoPath, Internet Explorer, MSDN, Outlook, Visual Studio, Win32, Windows, Windows Server, and Windows Vista are trademarks of the Microsoft group of companies.
    [Show full text]
  • Microsoft Windows 10 Security and Privacy: an ESET White Paper
    Microsoft Windows® 10 Security and Privacy An ESET White Paper Microsoft Windows® 10 Security and Privacy An ESET White Paper Version 1.0 - June, 2016 NOTE: Microsoft is continuously changing Windows 10 in order to improve its reliability, quality and security. As a result, the behavior of the operating system may, over time, diverge from that described in the original version of the white paper. While every attempt has been made to provide accurate descriptions of Windows 10 features (including screenshots), future changes made by Microsoft may make parts of this white paper out of date. Please check with ESET for the latest version of this white paper for the most accurate and up-to-date information on Windows 10. Contents Introduction ................................................................................................................................ 4 All for one, one for all? ............................................................................................................... 5 Windows Adoption by the Numbers .............................................................................................. 6 Windows 8: The Security Story So Far ............................................................................................ 7 What's Improved in Windows 10 .................................................................................................... 8 Windows Update ...................................................................................................................... 8 Are updates
    [Show full text]
  • Patch Management Overview
    PPaattcchh MMaannaaggeemmeenntt User Guide Version R95 English February 4, 2021 Copyright Agreement The purchase and use of all Software and Services is subject to the Agreement as defined in Kaseya’s “Click-Accept” EULATOS as updated from time to time by Kaseya at http://www.kaseya.com/legal.aspx. If Customer does not agree with the Agreement, please do not install, use or purchase any Software and Services from Kaseya as continued use of the Software or Services indicates Customer’s acceptance of the Agreement.” ©2019 Kaseya. All rights reserved. | www.kaseya.com Contents i Patch Management Overview Contents Patch Management Overview ...................................................................................................................... i Patch Management Module Minimum Requirements ...................................................................... ii Methods of Updating Patches ............................................................................................................ ii Configuring Patch Management ....................................................................................................... iii Patch Processing ................................................................................................................................ iv Superseded Patches .......................................................................................................................... iv Update Classification .........................................................................................................................
    [Show full text]
  • Bigfix Patch Windows User Guide
    BigFix Patch for Windows - User's Guide Special notice Before using this information and the product it supports, read the information in Notices (on page 112). Edition notice This edition applies to BigFix version 10 and to all subsequent releases and modifications until otherwise indicated in new editions. Contents Special notice................................................................................................................................ 2 Edition notice............................................................................................................................... 3 Chapter 1. Patch for Windows User's Guide...................................................................... 1 Chapter 2. Overview.......................................................................................................... 3 System requirements............................................................................................................ 4 Other languages supported................................................................................................58 Site subscription..................................................................................................................60 Fixlet fields...........................................................................................................................60 Chapter 3. Patch for Windows.........................................................................................63 Patch using Fixlets..............................................................................................................63
    [Show full text]
  • Custom Windows Patching Methodology - Comparative Analysis
    Georgia Southern University Digital Commons@Georgia Southern Electronic Theses and Dissertations Graduate Studies, Jack N. Averitt College of Fall 2018 Custom Windows Patching Methodology - Comparative Analysis Brent Michael Henderson Follow this and additional works at: https://digitalcommons.georgiasouthern.edu/etd Part of the Technology and Innovation Commons Recommended Citation Henderson, Brent Michael, "Custom Windows Patching Methodology - Comparative Analysis" (2018). Electronic Theses and Dissertations. 1849. https://digitalcommons.georgiasouthern.edu/etd/1849 This thesis (open access) is brought to you for free and open access by the Graduate Studies, Jack N. Averitt College of at Digital Commons@Georgia Southern. It has been accepted for inclusion in Electronic Theses and Dissertations by an authorized administrator of Digital Commons@Georgia Southern. For more information, please contact [email protected]. CUSTOM WINDOWS PATCHING METHODOLOGY – COMPARITIVE ANALYSIS by BRENT HENDERSON (Under the Direction of CHRIS KADLEC) ABSTRACT Windows Server Update Services has been a common mainstay among organizations with a heavy footprint of Windows operating systems since it was originally released as Software Update Services in 2002. While the product has grown in scope, the primary allure remains the same: WSUS offers organizations greater control over the patches that are released to their environment and saves bandwidth by allowing a centralized device to download and offer patches to internal clients rather than having each of those clients download the content they require from the Internet. Unfortunately, the product has a structural limitation in that it lacks the capacity to provide high-availability to the metadata synchronization process that must occur in order to deliver the most up-to-date patches to endpoints.
    [Show full text]
  • Microsoft System Center Software Update Management Field
    Visit us today at microsoftpressstore.com • Hundreds of titles available – Books, eBooks, and online resources from industry experts • Free U.S. shipping • eBooks in multiple formats – Read on your computer, tablet, mobile device, or e-reader • Print & eBook Best Value Packs • eBook Deal of the Week – Save up to 60% on featured titles • Newsletter and special offers – Be the first to hear about new releases, specials, and more • Register your book – Get additional benefits Hear about it first. Get the latest news from Microsoft Press sent to your inbox. • New and upcoming books • Special offers • Free eBooks • How-to articles Sign up today at MicrosoftPressStore.com/Newsletters Wait, there’s more... Find more great content and resources in the Microsoft Press Guided Tours app. The Microsoft Press Guided Tours app provides insightful tours by Microsoft Press authors of new and evolving Microsoft technologies. • Share text, code, illustrations, videos, and links with peers and friends • Create and manage highlights and notes • View resources and download code samples • Tag resources as favorites or to read later • Watch explanatory videos • Copy complete code listings and scripts Download from Windows Store PUBLISHED BY Microsoft Press A division of Microsoft Corporation One Microsoft Way Redmond, Washington 98052-6399 Copyright © 2015 by Microsoft Corporation All rights reserved. No part of the contents of this book may be reproduced or transmitted in any form or by any means without the written permission of the publisher. Library of Congress Control Number ISBN: 978-0-7356-9584-9 Printed and bound in the United States of America. First Printing Microsoft Press books are available through booksellers and distributors worldwide.
    [Show full text]