Emergency Microsoft Patch, Pros & Cons of Security Patches

Earlier in March we rushed through an emergency Microsoft Exchange Server patch to protect our customers from a serious vulnerability. With increasing cybersecurity threats, it is more important than ever for businesses to implement security patches in a timely manner. What are the pros, cons and considerations for implementing these properly?

March 2021, Microsoft Exchange Server Vulnerability Emergency Patch

Microsoft released an emergency patch for the flaw earlier in March, just one day after Senior Threat Intelligence Analyst at Microsoft, Kevin Beaumont sounded the alarm when he discovered a significant number of servers were vulnerable and easily "pwned" (a term used in the computer security world to describe a compromised device). Beaumont wrote: "It's time to panic. Big time."

As this particular attack is so severe because it can be automated, Microsoft has even released patches for older systems that are no longer supported. This vulnerability of Microsoft Exchange servers gives the attacker access to Active Directory.

The reality is that regardless of the operating system, all software has bugs - some of which can be exploited by increasingly sophisticated hackers. In its 2016 bug bounty report Microsoft said it paid $1.5 million to the security community for reporting vulnerabilities in products including Windows, Internet Explorer, Edge and Office. Products such as Exchange and SharePoint are more complex than other software because they need to be integrated with other systems. They also require more rigorous testing to ensure nothing breaks when a new update is applied - and customers don't like changes to their production systems without good reason.

With increasing cybersecurity threats, it is more important than ever for businesses to implement security patches in a timely manner.

Benefits of Security Patches

• Bolster your security measures. Security patches bring improvements to existing software that makes it more secure against cyberattacks.
• Include valuable bug fixes. A security patch may also include bug fixes for existing problems in an application or programs that are often overlooked or difficult to fix during the regular development process.
• Prevent glitches. Some security bugs can cause programs to stop working properly or slow down the computer. Patching prevents new problems from occurring in a system.
• Improve system performance and stability. Stability is critical to having an efficient and productive infrastructure, so businesses can be more confident that their vital information will not suddenly become inaccessible due to update errors or program bugs.
• Compliance with regulations and standards. Security patches also have an effect on compliance with industry regulations and standards, as well as specific laws regarding data security practices for specific industries, such as medical records practitioners and insurance providers.

Drawbacks of Security Patches

• Some users often postpone applying security patches because they can cause glitches and problems. Whilst this can be true at times, follow up issues are usually resolved promptly. It is good practise to ensure that your environment is fully backed up prior to installing patches. Delaying critical updates too long can leave your business and data vulnerable to cyberattacks.
• If users don't follow the proper steps when installing patches, they can cause more problems than they solve. For example, an update may overwrite older versions of files that were not compatible with the updated version. Ensure that the installation instructions and changelogs are always reviewed prior to applying patches.
• It can impact other critical business systems or legacy software in another unknown way, which your business may rely on. Updates have been known to introduce software compatibility issues for older, unsupported software.

Tips to Help You Install and Maintain Patches

There are several steps that a business can take before installing any individual security patch. For example, you might consider:

• If you have doubts on the effects on mission critical or legacy software, we recommend you sandbox the update to test it on an exact copy of your own environment to see if any bugs are introduced and troubleshoot them before applying to your live system.
• Reviewing instructions and changelogs carefully when considering security patches. Look for important details during installation that can make your system more secure and prevent glitches from occurring. Important bits of information include the company name, email address, operating system, and version number of the patch as well as how often it will be updated -- i.e. weekly or monthly.
• Keep up to date with industry discussions around critical updates. Other users and administrators can be a great source of information, often providing public feedback and assistance.
• Keeping multiple copies of data backups on hand, including one off-site. This can help prevent a serious security flaw from compromising all your business data at once.
• Ensure you have a robust disaster recovery plan. DC Two offers a host of backup and disaster recovery options to our clients.

Our technical and security team here at DC Two remain vigilant, with automated and manual monitoring of all systems as well as redundancies and fail safes to ensure our own client data always remains safe and secure.