Patch Opens New Engagement OpportunitiesBy Frank Ohlhorst | Posted 2008-12-17 Email Print
The Myths and Truths of Building a World-Class Cyber Defense REGISTER >
Microsoft's emergency patch created to fix a serious security vulnerability in all versions of Internet Explorer, will install automatically. But solution providers can use the patch as an opportunity to fix browsers, tune up systems and install better security protections.
The automated nature of this fix doesn’t means solution providers have to sit on the sidelines. Solution providers should be calling their customers to discuss the severity of the security flaw, discuss remediation options and validate whether or not a PC has been affected. With a security flaw this severe, due diligence is of the utmost importance.
Once a customer understands the severity of the threat, it will be up to the solution provider to offer some advice and take some action. At the very least, automatic updating of the PC should be enabled, so this security patch and others are delivered automatically. Solution providers can use that as a catalyst to sell patch management solutions to their customers. Patch management solutions are available from vendors such as Shavlik, Ecora, Symantec, Numara, GFI and many others. Some solution providers can offer to go one step further and offer managed services to handle patching, removing all worry from the customer.
Although the Windows Malicious Software Removal Tool is a good starting point, it’s not the end all, be all of remediation. Here, solution providers should turn to advanced products such as those available from AVG, Symantec, McAfee, Trend Micro and others for complete anti-malware products. The real goal here should be to remediate the system and install a complete desktop security suite, which offers secure browsing and anti-phising protection.
Solution providers can go one step further and offer up to their customers a hosted and managed security service, such as what is available from PureWire or Trend Micro. Those solutions incorporate inline scanning, along with anti-malware detection and prevention and can prevent exploits from impacting a customer, regardless of patch status.
Solution providers will find some other tips for dealing with the problem quite useful and could lead to some networking integration work. For example, PCs that don’t allow users to have administrative privileges are less likely to be impacted. Here, solution providers can define policies to limit a user’s access on the PC, a good practice to implement regardless of the flaw.
Solution providers will find that the news here isn’t all bad, many of the anti-malware companies have announced that their products have protected users from the IE flaw. Symantec, AVG, and a few others claim that their respective "safe browsing" technologies protect users from harm.
The real lesson here for solution providers is to use this flaw as a method to offer services and enhance current security offerings. At the very least, solution providers should be calling their customers to either let them know not to worry (they are already protected) or to offer help to solve the potential problems caused by IE’s latest flaw and perhaps pitch improved security products and services.