All Posts

5 posts

Patch Management 1.3 New Features

This release of Qualys Patch Management version 1.3 includes new features, highlights as follows.

  • Patch Scheduling enhancement: “No Patch Window” – When scheduling a patch deployment, instead of having to specify a Patch Window time frame, you can select “None”.  This will allow a job to continue to run until all of the Assets in the job are able to perform the deployment, instead of timing out at the end of the Patch Window. This is especially useful in situations where you have an emergency patch that absolutely must be installed as soon as possible.  If an Asset is offline when the job is set to run, it will run the job once the  Cloud Agent checks in again.
  • Suppress reboot – You can choose to suppress the reboot notification and subsequent reboot after a patch deployment.  This feature allows you to deploy patches, and then use another mechanism to restart the Assets.  Any Asset that has the reboot suppressed will still report the Reboot Required flag to the platform.
  • Create Job in “Enabled” state – Previously, you would create a Deployment Job in a Disabled state, and then Enable the job from the Jobs screens.  Now, you can choose to have the Job saved in an Enabled state, reducing the amount of clicks required to start a Job.
  • Opportunistic Patch Download – When creating a Job, you can now opt to have the Cloud Agent download the patches in the background before the job runs, reducing the amount of time the job takes to complete.

Continue reading …

May 2018 Patch Tuesday – Medium Weight, However One Active Exploit Needs Attention

Microsoft and Adobe LogosThis May’s Patch Tuesday has quite a few Microsoft fixes for both the OS and browsers.  In all, 67 unique CVEs are addressed in 17 KB articles, with 21 CVEs marked Critical.  32 of these CVEs reference Remote Code Execution, 19 of which are Critical. Those who use Hyper-V have some updates to pay attention to as well.

Continue reading …

A “Patch for the Meltdown Patch” released out of band Thursday night

Meltdown and Spectre Aren’t Business as UsualThe Meltdown/Spectre saga continues…  

Late Thursday, Microsoft released a patch for Windows 7 and Server 2008 R2 operating systems to resolve CVE-2018-1038Apparently, this vulnerability was actually introduced by the patches released in January to mitigate the effects of Meltdown. Microsoft did include a partial fix in the March updates on Patch Tuesday, but did not completely resolve the issue.

Continue reading …

December 2017 Patch Tuesday: Quiet End to the Year

This December Patch Tuesday is considerably lighter than last month’s patch releases.  While only three of the fixes were for Windows operating systems, the majority of the vulnerabilities to pay attention to are Browser/Scripting Engine-based.

Overall, this month’s updates address are fixes for 32 unique CVEs, 19 of which are critical, and 24 of which address remote code execution at varying severity levels. No active exploits are listed by Microsoft again this month.

Continue reading …

November Patch Tuesday: 53 Vulnerabilities and a Massive Adobe Update

This November Patch Tuesday is moderate in volume and severity.  Microsoft released patches to address 53 unique vulnerabilities, with 25 focused on Remote Code Execution fixes. Windows OS receives 14 patches, while the lion’s share is focused on Browsers, Microsoft Office, and Adobe. According to Microsoft, there do not appear to be any actively attacked vulnerabilities in the wild in this patch release.

Continue reading …