{"id":1289,"date":"2015-05-13T22:06:48","date_gmt":"2015-05-13T21:06:48","guid":{"rendered":"http:\/\/www.halkynconsulting.co.uk\/a\/?p=1289"},"modified":"2015-05-13T22:06:48","modified_gmt":"2015-05-13T21:06:48","slug":"security-patches-internet-explorer","status":"publish","type":"post","link":"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/","title":{"rendered":"Security Patches – Internet Explorer – Act Fast"},"content":{"rendered":"

For lots of enterprises, security patches are a pain to test, a pain to deploy and frequently frustrating when they require downtime for the inevitable system reboots.<\/p>\n

However, security patches are also a significantly<\/strong> important\u00a0mechanism for protecting your environment against attacks. They really are.<\/p>\n

\"Security<\/a>
Security Patches – May 2015<\/figcaption><\/figure>\n

This month, Microsoft have announced 13\u00a0security patches – three of which\u00a0are rated as “critical” by both Microsoft<\/a> and SANS<\/a> despite there being no known exploits in the wild.<\/p>\n

Unfortunately for lots of organisations, this means that they will downgrade the priority and, in some cases, will delay patching for weeks if not months.<\/p>\n

This is a mistake.<\/p>\n

On the day security patches are announced, it is rarely clear if exploits are out in the wild. The nature of vulnerability research means that lots of the specifics are kept quiet and often different researchers hit upon the same vulnerability at the same time.<\/p>\n

The problem is that it isnt JUST the researchers who find vulnerabilities.<\/p>\n

So, on the day the security patch is released, we know that there are “white hat” researchers who can exploit the vulnerability but we dont know if there are any (or how many) nasty “black hat” types have also found it. If Metasploit<\/a> doesnt have a module for the exploit then we sort of guess its not in the wild, but this is just a guess.<\/p>\n

\"Security
Security Patches – IT Plasters<\/figcaption><\/figure>\n

From here things get worse. As soon as patches are released, the bad guys will be able to start reverse engineering the code and building exploits. Worryingly this can happen an awful lot faster than most IT managers would ever imagine.<\/p>\n

It is realistic to assume that within about 24 hours of a security patch being released, high end hackers will have a way of exploiting the vulnerability. Within 48 – 72 hours more will have it and by the end of the first week, exploits will be available to pretty much any malicious hacker who wants it. It might not yet be a metasploit module, but that just means you are safe from the bottom end script kiddies.<\/p>\n

Delaying patches is a massive mistake. Check them, test them and get them into the environment as quickly as possible or make sure you fully understand the\u00a0risks and have some compensating controls in place.<\/p>\n","protected":false},"excerpt":{"rendered":"

For lots of enterprises, security patches are a pain to test, a pain to deploy and frequently frustrating when they require downtime for the inevitable system reboots. However, security patches are also a significantly important\u00a0mechanism for protecting your environment against attacks. They really are. This month, Microsoft have announced 13\u00a0security patches – three of which\u00a0are […]<\/p>\n","protected":false},"author":1,"featured_media":1292,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"footnotes":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true},"categories":[5],"tags":[134,140,12],"class_list":["post-1289","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-patching","tag-security","tag-vulns","entry","has-media"],"jetpack_publicize_connections":[],"yoast_head":"\nSecurity Patches - Internet Explorer - Act Fast<\/title>\n<meta name=\"description\" content=\"Security patches are important. The longer you delay deployment, the greater the chance hackers will find a way to exploit your network.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security Patches - Internet Explorer - Act Fast\" \/>\n<meta property=\"og:description\" content=\"Security patches are important. The longer you delay deployment, the greater the chance hackers will find a way to exploit your network.\" \/>\n<meta property=\"og:url\" content=\"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/\" \/>\n<meta property=\"og:site_name\" content=\"Halkyn Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2015-05-13T21:06:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2015\/05\/patch-151979_1280.png?fit=1280%2C640&ssl=1\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"640\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Halkyn Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@HalkynSecurity\" \/>\n<meta name=\"twitter:site\" content=\"@HalkynSecurity\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Halkyn Security\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/#article\",\"isPartOf\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/\"},\"author\":{\"name\":\"Halkyn Security\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/3cfcd2267f12bbcce6a10159022c3df2\"},\"headline\":\"Security Patches – Internet Explorer – Act Fast\",\"datePublished\":\"2015-05-13T21:06:48+00:00\",\"dateModified\":\"2015-05-13T21:06:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/\"},\"wordCount\":408,\"commentCount\":0,\"publisher\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#organization\"},\"keywords\":[\"Patching\",\"Security\",\"Vulnerabilities\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/\",\"url\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/\",\"name\":\"Security Patches - Internet Explorer - Act Fast\",\"isPartOf\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#website\"},\"datePublished\":\"2015-05-13T21:06:48+00:00\",\"dateModified\":\"2015-05-13T21:06:48+00:00\",\"description\":\"Security patches are important. The longer you delay deployment, the greater the chance hackers will find a way to exploit your network.\",\"breadcrumb\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Halkyn Security\",\"item\":\"http:\/\/www.halkynconsulting.co.uk\/a\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"http:\/\/www.halkynconsulting.co.uk\/a\/category\/security\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Security Patches – Internet Explorer – Act Fast\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#website\",\"url\":\"http:\/\/www.halkynconsulting.co.uk\/a\/\",\"name\":\"Halkyn Security Blog\",\"description\":\"Specialist Security & Risk Management Consultants\",\"publisher\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/www.halkynconsulting.co.uk\/a\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#organization\",\"name\":\"Halkyn Consulting\",\"url\":\"http:\/\/www.halkynconsulting.co.uk\/a\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2011\/07\/Untitled-1.png?fit=990%2C170&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2011\/07\/Untitled-1.png?fit=990%2C170&ssl=1\",\"width\":\"990\",\"height\":\"170\",\"caption\":\"Halkyn Consulting\"},\"image\":{\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.linkedin.com\/company\/2329571\",\"https:\/\/twitter.com\/HalkynSecurity\"]},{\"@type\":\"Person\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/3cfcd2267f12bbcce6a10159022c3df2\",\"name\":\"Halkyn Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4126abc936773e5e8bd38e030d54306e161190a7d6166dba7edadb6caf13b504?s=96&d=retro&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4126abc936773e5e8bd38e030d54306e161190a7d6166dba7edadb6caf13b504?s=96&d=retro&r=g\",\"caption\":\"Halkyn Security\"},\"description\":\"Halkyn Security Consultants.\",\"sameAs\":[\"http:\/\/www.halkynconsulting.co.uk\/\"],\"url\":\"http:\/\/www.halkynconsulting.co.uk\/a\/author\/halkyn-consulting\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Security Patches - Internet Explorer - Act Fast","description":"Security patches are important. The longer you delay deployment, the greater the chance hackers will find a way to exploit your network.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/","og_locale":"en_GB","og_type":"article","og_title":"Security Patches - Internet Explorer - Act Fast","og_description":"Security patches are important. The longer you delay deployment, the greater the chance hackers will find a way to exploit your network.","og_url":"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/","og_site_name":"Halkyn Security Blog","article_published_time":"2015-05-13T21:06:48+00:00","og_image":[{"width":1280,"height":640,"url":"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2015\/05\/patch-151979_1280.png?fit=1280%2C640&ssl=1","type":"image\/png"}],"author":"Halkyn Security","twitter_card":"summary_large_image","twitter_creator":"@HalkynSecurity","twitter_site":"@HalkynSecurity","twitter_misc":{"Written by":"Halkyn Security","Estimated reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/#article","isPartOf":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/"},"author":{"name":"Halkyn Security","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/3cfcd2267f12bbcce6a10159022c3df2"},"headline":"Security Patches – Internet Explorer – Act Fast","datePublished":"2015-05-13T21:06:48+00:00","dateModified":"2015-05-13T21:06:48+00:00","mainEntityOfPage":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/"},"wordCount":408,"commentCount":0,"publisher":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#organization"},"keywords":["Patching","Security","Vulnerabilities"],"articleSection":["Security"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/#respond"]}]},{"@type":"WebPage","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/","url":"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/","name":"Security Patches - Internet Explorer - Act Fast","isPartOf":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#website"},"datePublished":"2015-05-13T21:06:48+00:00","dateModified":"2015-05-13T21:06:48+00:00","description":"Security patches are important. The longer you delay deployment, the greater the chance hackers will find a way to exploit your network.","breadcrumb":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/2015\/05\/security-patches-internet-explorer\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Halkyn Security","item":"http:\/\/www.halkynconsulting.co.uk\/a\/"},{"@type":"ListItem","position":2,"name":"Security","item":"http:\/\/www.halkynconsulting.co.uk\/a\/category\/security\/"},{"@type":"ListItem","position":3,"name":"Security Patches – Internet Explorer – Act Fast"}]},{"@type":"WebSite","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#website","url":"http:\/\/www.halkynconsulting.co.uk\/a\/","name":"Halkyn Security Blog","description":"Specialist Security & Risk Management Consultants","publisher":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/www.halkynconsulting.co.uk\/a\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#organization","name":"Halkyn Consulting","url":"http:\/\/www.halkynconsulting.co.uk\/a\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2011\/07\/Untitled-1.png?fit=990%2C170&ssl=1","contentUrl":"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2011\/07\/Untitled-1.png?fit=990%2C170&ssl=1","width":"990","height":"170","caption":"Halkyn Consulting"},"image":{"@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/2329571","https:\/\/twitter.com\/HalkynSecurity"]},{"@type":"Person","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/3cfcd2267f12bbcce6a10159022c3df2","name":"Halkyn Security","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"http:\/\/www.halkynconsulting.co.uk\/a\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4126abc936773e5e8bd38e030d54306e161190a7d6166dba7edadb6caf13b504?s=96&d=retro&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4126abc936773e5e8bd38e030d54306e161190a7d6166dba7edadb6caf13b504?s=96&d=retro&r=g","caption":"Halkyn Security"},"description":"Halkyn Security Consultants.","sameAs":["http:\/\/www.halkynconsulting.co.uk\/"],"url":"http:\/\/www.halkynconsulting.co.uk\/a\/author\/halkyn-consulting\/"}]}},"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.halkynconsulting.co.uk\/a\/wp-content\/uploads\/2015\/05\/patch-151979_1280.png?fit=1280%2C640&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9yHvD-kN","jetpack_likes_enabled":true,"_links":{"self":[{"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/posts\/1289","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/comments?post=1289"}],"version-history":[{"count":5,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/posts\/1289\/revisions"}],"predecessor-version":[{"id":1296,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/posts\/1289\/revisions\/1296"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/media\/1292"}],"wp:attachment":[{"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/media?parent=1289"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/categories?post=1289"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.halkynconsulting.co.uk\/a\/wp-json\/wp\/v2\/tags?post=1289"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}