It was reported yesterday that Adobe has once again issued a critical patch for it’s Flash Player browser plugin due to a vulnerability that is being actively exploited to deploy malicious software. We’ve written before about the dangers of Flash and even Adobe has announced it will end support for the software at the end of 2020. However, while many security-minded professionals have heeded the advice to remove or enable click-to-run for this plugin, others have not. Many organizations still rely on websites and software that utilize the plugin for needed functionality and can’t simply remove the software entirely.
For those running Flash versions 18.104.22.168 and earlier, the time to patch is now. This might be simple enough for a home user, who needs to simply make sure they hit the update button, but what about in a corporate environment? Do you know which devices have Flash installed and whether the latest updates have been applied? Can you expect each user will update on their own? Do they have the access permissions to do so? Without a fully developed patch management process and the tools needed to gain this visibility, it can be difficult for organizations to know which devices may be vulnerable and which they need to address with a patch. Manually going from computer to computer to check version number and update the software if installed isn’t a scalable solution. What’s more, there may be critical vulnerabilities on your network that haven’t made major headlines and you may not even know about yet.
Fortunately, Cygilant’s Unified Vulnerability and Patch Management can simplify the process of identifying, prioritizing and deploying necessary patches. Our team of security experts can scan your network for vulnerabilities and available patches across your network. We provide a link between vulnerabilities and the patches that address them to prioritize which patches are most critical to deploy first based on risk to your organization. We provide an auditable change management workflow and automate patch deployment.
Learn more about how unified vulnerability and patch management can help reduce your attack surface in the free whitepaper: