Patching Nightmare – Please Forward to Your IT Pros

by | Jan/23/2018

Intel says, again, to stop deploying patches. Java and other new patches need handling.

Intel advises that IT Professionals stop deploying the current versions of patches for the recently discovered security flaws in CPU chips. Find details, just updated, by searching:
Root Cause of Reboot Issue Identified Updated Guidance for Customers and Partners site:intel.com

Do not insert a space after the colon.

For most of you, deploying Microsoft patches is easy compared to managing Flash, Java, and browser updates. Oracle is releasing multiple security patches for Java SE. Additionally, if you are upgrading Chrome to the 64 bit version, Google is releasing new patches for that browser.

For executives wondering what to do at home, you may find it best to download fresh versions of any non-Microsoft browsers you use, and reinstall the most recent versions of Flash and Java, if you still use either, from https://get.adobe dot com/flashplayer/ or java dot com . Your Microsoft and/or Apple patches are likely configured to install automatically.

For both organizations and home office users, if you can remove Flash and/or Java from some or all of your computers, then you can forget about patching them. If you haven’t already, try it on a few computers. You may find that all of the websites essential to your business no longer require either. Worst case, you can re-install the most recent version.

Executives, please forward this to your IT Professionals. Be sure to, if you have not already, have a conversation with them about how aggressive you want them to be with patching. They can share the pros and cons with you. These days, an aggressive posture related to patches can increase your security dramatically, when handled properly. Provide them time to test the patches, test un-installing the patches, and then to deploy the patches in stages. They will also need to contact your cloud providers to discuss how they are handling the flaws and patches.