{"id":1703,"date":"2011-12-15T00:00:00","date_gmt":"2011-12-15T00:00:00","guid":{"rendered":"http:\/\/otava.test\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/"},"modified":"2011-12-15T00:00:00","modified_gmt":"2011-12-15T00:00:00","slug":"the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management","status":"publish","type":"post","link":"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/","title":{"rendered":"The Sum of All Fears: From Vulnerability to Exploit, the Importance of Patch Management"},"content":{"rendered":"<p>Why is patch management so important? If your servers aren\u2019t updated and managed properly, your data and applications are left vulnerable to hackers, identity thieves and other malicious attacks against your systems.<\/p>\n<p>And when it comes to sensitive data and national industry compliance standards, such as <a href=\"https:\/\/otavawebsite.wpengine.com\/compliance-security\/hipaa-compliant-cloud\/\">HIPAA<\/a> and <a href=\"https:\/\/www.onlinetech.com\/compliant-hosting\/pci-compliant-hosting\/overview\">PCI DSS compliance<\/a>, your company can\u2019t afford to suffer a data breach or theft, as the fines and estimated financial loss per data breach record continues to rise each year.<\/p>\n<p><iframe loading=\"lazy\" src=\"https:\/\/www.youtube.com\/embed\/4aBE6o0oDlo\" width=\"560\" height=\"315\" frameborder=\"0\"><\/iframe><\/p>\n<p>The above video was a concept exploit of the recent vulnerability MS11-83.\u00a0 The theory behind MS11-83 is that you can send specially crafted UDP packets to a target machine and gain access to it, whether the port is closed or not.<\/p>\n<p>By comparison, the much talked about Stuxnet variant \u201cDuqu\u201d uses a Win32k TrueType font parsing engine vulnerability to inject itself into target machines.\u00a0 Unlike MS11-83, Duqu is a real-world example of the exploit that has the ability to cause considerable damage and spread itself by embedding itself into Microsoft Word documents sent as email attachments or even USB keys.<\/p>\n<p>In each of these cases these vulnerabilities are known, and fixes have been released (though in Duqu\u2019s case, there is only a temporary patch), and have been disseminated down to WSUS servers and individual computers worldwide.\u00a0 While MS11-083 has been patched within a week, Duqu was detected in the middle of October, with Microsoft releasing an advisory three weeks later.\u00a0 This exemplifies the importance of immediate patch management.\u00a0 One can little afford to not keep their public facing servers up-to-date with the latest patches.<\/p>\n<p>Security is a paramount concern of clients, but so is the stability of your IT operations. Clients often mix and match patching levels to balance these two concerns. At Online Tech, we offer three different levels of patch management, notify clients of outstanding updates waiting to be applied, and offer any assistance with patch installation to ensure comprehensive security measures are implemented accurately and timely.<\/p>\n<p>References:<\/p>\n<p><a href=\"https:\/\/technet.microsoft.com\/en-us\/security\/bulletin\/ms11-083\">Microsoft Security Bulletin MS11-083 &#8211; Critical<\/a><br \/>\n<a href=\"https:\/\/support.microsoft.com\/kb\/2639658\">Microsoft Security Advisory: Vulnerability in TrueType Font Parsing Could Allow Elevation of Privileges<\/a><br \/>\n<a href=\"https:\/\/youtu.be\/4aBE6o0oDlo\">JFY: ms11-083<\/a><br \/>\n<a href=\"https:\/\/www.computerworld.com\/s\/article\/9221498\/Duqu_exploits_same_Windows_font_engine_patched_last_month_Microsoft_confirms\">Duqu Exploits Same Windows Font Engine Patched Last Month, Microsoft Confirms<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Why is patch management so important? If your servers aren\u2019t updated and managed properly, your data and applications are left vulnerable to hackers, identity thieves and other malicious attacks against your systems. And when it comes to sensitive data and national industry compliance standards, such as HIPAA and PCI DSS compliance, your company can\u2019t afford to suffer a data breach or theft, as the fines and estimated financial loss per data breach record continues to rise each year. The above video was a concept exploit of the recent vulnerability MS11-83.\u00a0 The theory behind MS11-83 is that you can send specially crafted UDP packets to a target machine and gain access to it, whether the port is closed or not. By comparison, the much talked about Stuxnet variant \u201cDuqu\u201d uses a Win32k TrueType font parsing engine vulnerability to inject itself into target machines.\u00a0 Unlike MS11-83, Duqu is a real-world example of the exploit that has the ability to cause considerable damage and spread itself by embedding itself into Microsoft Word documents sent as email attachments or even USB keys. In each of these cases these vulnerabilities are known, and fixes have been released (though in Duqu\u2019s case, there is only a&#8230;<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[],"other_category":[],"class_list":["post-1703","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>The Sum of All Fears: From Vulnerability to Exploit, the Importance of Patch Management | OTAVA<\/title>\n<meta name=\"description\" content=\"This video from Online Tech explains the importance of patch management and how patching vulnerabilities quickly can prevent malicious attacks.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Sum of All Fears: From Vulnerability to Exploit, the Importance of Patch Management\" \/>\n<meta property=\"og:description\" content=\"This video from Online Tech explains the importance of patch management and how patching vulnerabilities quickly can prevent malicious attacks.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/\" \/>\n<meta property=\"og:site_name\" content=\"OTAVA\" \/>\n<meta property=\"article:published_time\" content=\"2011-12-15T00:00:00+00:00\" \/>\n<meta name=\"author\" content=\"Irma Brillantes\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Irma Brillantes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/\"},\"author\":{\"name\":\"Irma Brillantes\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\"},\"headline\":\"The Sum of All Fears: From Vulnerability to Exploit, the Importance of Patch Management\",\"datePublished\":\"2011-12-15T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/\"},\"wordCount\":384,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/\",\"url\":\"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/\",\"name\":\"The Sum of All Fears: From Vulnerability to Exploit, the Importance of Patch Management | OTAVA\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/#website\"},\"datePublished\":\"2011-12-15T00:00:00+00:00\",\"description\":\"This video from Online Tech explains the importance of patch management and how patching vulnerabilities quickly can prevent malicious attacks.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.otava.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The Sum of All Fears: From Vulnerability to Exploit, the Importance of Patch Management\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.otava.com\/#website\",\"url\":\"https:\/\/www.otava.com\/\",\"name\":\"OTAVA\u00ae\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.otava.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.otava.com\/#organization\",\"name\":\"OTAVA\u00ae\",\"url\":\"https:\/\/www.otava.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"contentUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"caption\":\"OTAVA\u00ae\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\",\"name\":\"Irma Brillantes\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"caption\":\"Irma Brillantes\"},\"url\":\"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"The Sum of All Fears: From Vulnerability to Exploit, the Importance of Patch Management | OTAVA","description":"This video from Online Tech explains the importance of patch management and how patching vulnerabilities quickly can prevent malicious attacks.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/","og_locale":"en_US","og_type":"article","og_title":"The Sum of All Fears: From Vulnerability to Exploit, the Importance of Patch Management","og_description":"This video from Online Tech explains the importance of patch management and how patching vulnerabilities quickly can prevent malicious attacks.","og_url":"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/","og_site_name":"OTAVA","article_published_time":"2011-12-15T00:00:00+00:00","author":"Irma Brillantes","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Irma Brillantes","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/#article","isPartOf":{"@id":"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/"},"author":{"name":"Irma Brillantes","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263"},"headline":"The Sum of All Fears: From Vulnerability to Exploit, the Importance of Patch Management","datePublished":"2011-12-15T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/"},"wordCount":384,"commentCount":0,"publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/","url":"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/","name":"The Sum of All Fears: From Vulnerability to Exploit, the Importance of Patch Management | OTAVA","isPartOf":{"@id":"https:\/\/www.otava.com\/#website"},"datePublished":"2011-12-15T00:00:00+00:00","description":"This video from Online Tech explains the importance of patch management and how patching vulnerabilities quickly can prevent malicious attacks.","breadcrumb":{"@id":"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.otava.com\/blog\/the-sum-of-all-fears-from-vulnerability-to-exploit-the-importance-of-patch-management\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.otava.com\/"},{"@type":"ListItem","position":2,"name":"The Sum of All Fears: From Vulnerability to Exploit, the Importance of Patch Management"}]},{"@type":"WebSite","@id":"https:\/\/www.otava.com\/#website","url":"https:\/\/www.otava.com\/","name":"OTAVA\u00ae","description":"","publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.otava.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.otava.com\/#organization","name":"OTAVA\u00ae","url":"https:\/\/www.otava.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","contentUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","caption":"OTAVA\u00ae"},"image":{"@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263","name":"Irma Brillantes","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","caption":"Irma Brillantes"},"url":"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/"}]}},"_links":{"self":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/1703","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/comments?post=1703"}],"version-history":[{"count":0,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/1703\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/media?parent=1703"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/categories?post=1703"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/tags?post=1703"},{"taxonomy":"other_category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/other_category?post=1703"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}