A Week Is A Long Time In Cybersecurity: From Patch Tuesday To Uninstall Thursday

by | Aug 11, 2021 | Thought leadership, Cartoons

For nearly two decades, ‘Patch Tuesday’ has been a monthly fixture in the global cybersecurity calendar. On the second Tuesday of every month, Microsoft and other software vendors release a range of software fixes – some of which deal with critical vulnerabilities. As such, it’s a regular opportunity to address emerging risks for IT and security professionals the world over.

The issues covered on Patch Tuesday can be extremely diverse and focus on applications and services right across the Microsoft portfolio, from Word and SharePoint to Windows, Edge and Azure. This week, for example, Microsoft released 44 security fixes, seven of which were considered ‘critical’. In addition, three of the fixes were identified as zero day, so unknown to organizations that could be vulnerable. 

Important as Patch Tuesday has become, it has also given rise to the regular emergence of new risks and vulnerabilities as quickly as 24 hours later. Known as ‘Exploit Wednesday’, it has become the ideal time for cybercriminals to develop further exploits for systems that haven’t been updated.

The story doesn’t end there, however. Part of the challenge with fixes and updates is that they can cause critical performance issues for some of the users who have downloaded them. As these issues are identified, IT teams use ‘Uninstall Thursday’ as the time to remove the components in question to get their systems running normally again. In general, Microsoft will quickly release additional ‘hot fixes’ for these problems so users can close any security blindspots without impacting their software infrastructure.

Zero Tolerance For Zero Day

While this is an important process for fixing vulnerabilities, it also underlines the risks that Zero Day exploits present – not just when they are fixed on Patch Tuesday, but at any time. These vulnerabilities are particularly dangerous because they are unknown to the organizations and individuals being targeted. 

Making the problem even worse is that it takes an average of 18 days for this malicious content to become known by anti-virus solutions. Meanwhile, sandboxing exposes organizations to risk from advanced malware and disrupts business productivity.

‘Cybersecurity blindspots can remain undetected for up to 18 days before antivirus and sandboxing systems are updated’

As a result, many organizations become ideal targets for zero day attacks, when even a few hours or days can prove catastrophic, leaving them scrambling to fix blindspots after the fact.

With nearly 70% of malware found embedded within files of an unknown variant when it is received – effectively making it invisible to reactive cybersecurity technologies – security teams need to be given advanced tools so they can take a proactive posture to the risks posed by zero day vulnerabilities.

Glasswall takes a proactive approach to file based threats. Our CDR technology instantly cleans and rebuilds files to match its known good industry spec – automatically removing potential threats. This simple approach ensures every document entering your organization is safe, without sacrificing productivity. 

To read more about how to build a zero tolerance approach to cybersecurity, click here.

Related

What is Glasswall CDR?

Embedded Engine

CDR Platform

Solutions

REST APIs

Email Security

Threat Intelligence

Plug-ins

CDS Plug-in

ICAP Plug-in

Menlo Plug-in

Palo Alto Plug-in

apps

Apps

Clean Room

Desktop

Why CDR?

We believe people should be free to open their files without fear. Glasswall CDR takes a proactive approach to automatically remove all Zero-day threats from files, without sacrificing productivity.

Use Cases

Secure Email

File Uploads and Downloads

Malware Risk Removal

Metadata Removal

Cybersecurity Crisis Response

Cybersecurity Crisis Prevention

Cloud Native Integrations

Data Migrations

SDK Integration

Resource Library

Blog

Events

support lines

Support

Glasswall CDR Portfolio

Reactive cybersecurity is failing - it’s time for a better way. Traditional detection-based security methods play catch up with new threats. Find out how your organization can take a proactive approach to cybersecurity.

strategic alliances

About our Partner Program

Our Partners

Become a Partner

Bringing File-based threat protection to your customers

Offer a richer security portfolio with the most agile CDR platform on the market. Stand out from the competition with a partner program built for you. Let’s make files safer together.

About Glasswall

Our People

Careers

communication

Contact Us

support lines

Support

Raising the bar on file security

We believe people should be free to open their files without fear. To click on anything without risk of catastrophe. To use systems the way they were meant to be used. That’s why we’re raising the bar on file security at Glasswall.