The impact of the downadup worm is down to slack patching and not automating patch management.
Chris Schwartzbauer, vice president of Shavlik Technologies, claimed that the problem is that organisations think that they are patched but due to a lack of process with an out-of-band patch some companies were not prepared.
Schwartzbauer said: “The only way to patch securely and prevent vulnerabilities is through automation. Operations staff don't have the time to do anything out of band. The problem is that the executives won't spend the money on the right tools, they think the tools they have are good enough but some tools like WSUS (Microsoft) don't have the fine-grained control to use on critical machines and dynamic machines.
“People didn't deploy the patch as it was out-of-band and people didn't get round to it or have a method to apply it due to not having automated tools, they could be prepared but haven't spent money on it. This exploit is a great example of what can happen if the right automation tools are not being used."
Further, Schwartzbauer claimed that the problem for critical machines is that servers generally run the critical operations for the business, and are a bit fragile, and when they are running, IT staff don't want to take them down any longer than necessary for cost purposes.
He said: “This approach is disastrous in a time when efficiency is paramount. The problem is complicated by the fact that many servers need to perform a sequence of actions if they chose to patch and reboot. Ideally this would happen in the shortest amount of time possible. Tools like WSUS do not have the ability to do this.”
Also, Schwartzbauer said that the problem with dynamic machines is ‘fundamentally that portable (laptops) are offline when vulnerability scans occur and its agent software is not activated.
“Additionally virtual machines have proliferated the number of machines that must be protected; unknown network connections and account privileges persist and unknown applications exist – whether malicious or loaded inadvertently by employees”, said Schwartzbauer.
See original article on scmagazineuk.com
Destruction by the downadup worm was caused by companies not being prepared for an out-of-band patch
The impact of the downadup worm is down to slack patching and not automating patch management, according to Shavlik.
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Microsoft Copilot Partner Hub
Unlock SMB Success with Microsoft Copilot
Partner Content
Australian organisations must act on security – or risk AI ambitions falling flat
Partner Content
What Embracing the AI Platform Shift Really Means
Sponsored Whitepapers
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
.png&w=120&c=1&s=0)
EDUtech AU
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
