Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Why is Patch Management such a Nightmare?

By Archis Gore

What a start we’ve had to 2020.

Somehow, it feels like we’ve stumbled into a cybersecurity war zone. Already we’ve had fresh revelations about voter manipulation that may span 68 different countries; a database leak of personal information affecting over 2 million smart device customers; a raft of new high profile ransomware attacks; and a Windows 10 flaw discovered by the NSA.

Aside from the activities of commercial cybercriminals, there are also concerns about potential rogue government-sponsored cyber-attacks likely to result from the latest heightened international tensions.  

And it’s only January!

It looks like it’s time to buckle up for a bumpy ride through the rest of the year.

That’s certainly the message coming from the World Economic Forum in their latest global risks report. They call out cyberattacks on critical infrastructure as the fifth top risk facing the planet this year. It’s estimated that cybercrime damages may reach $6 trillion by 2021.

But let’s get back to the theme of why patch management is such a nightmare.

It’s an obvious truth that almost all software has bugs and weaknesses that can be attacked or exploited by unscrupulous parties. These broadly fall into two categories.

Zero-day vulnerabilities

These give hackers the opportunity to leverage software flaws that are unknown to (or have not yet been fixed by) those responsible for the code. Some of the most insidious and malicious attacks have been able to exploit these defects with devastating results. The Stuxnet computer worm is a prime example.

Software patches

When a vulnerability is identified, suitable patches are released to fix the issue. It stands to reason that the quicker a patch can be developed and released, the better. Once a flaw becomes public knowledge, the race is on for hackers to work out a way to exploit it.

Fortunately, with open source operating systems like Linux, the supporting community is extremely vigilant and has an enviable record in speedily patching flaws – often releasing fixes on the same day that they are made public.

There is still a problem, however. Not all systems get updated promptly, and the risk factor to unpatched systems grows exponentially with time. Some studies suggest that the average time for organizations to apply patches is around 102 days.

That might sound excessive, but bear in mind that most companies have a lot of software to monitor, audit and manage. There’s also the system testing that’s required for new patches. Normally, all of this is carried out by a small team with a limited budget. So, even if you perform way better than the average, there’s still going to be a significant patch window involved – a period when you could be a sitting duck for unscrupulous hackers.

How to make Patch Management less painful

When you’re in a warzone, whatever other defensive measures you have in place, it makes sense to be wearing some body armor.  The same holds true when it comes to the cybersecurity battle. Polyverse has developed the ideal “bulletproof vest” for your Linux operating system, making your systems impervious to all Zero-day memory assaults (including memory overflows), as well as helping mitigate the patch gap nightmare by stopping attacks before they start.

Polyverse Polymorphing involves running the OS through a polymorphic compiler to scramble the source code during deployment. The result is that each polymorphed OS shares the original source code, but benefits from unique binaries, function locations, CPU registers, and memory layouts. Adding even more protection, it recompiles every 24 hours and automatically pushes patches during the recompile process.

This makes it fiendishly difficult for hackers to crack into. It is also lightweight, flexible, and can be deployed in under 5 minutes. Just like slipping into a bulletproof vest.

It’s pretty clear that we can no longer take a casual approach to cyber-safety. There’s simply too much at stake and the risks are too high. We need to adopt a systematic multi-layered approach to protecting our organizations and businesses. Polymorphing your OS makes perfect sense as the first line of your defensive measures.

Be Aware: read our weekly Breach Report


Interested in learning more?

Be the first to hear about the latest product releases and cybersecurity news.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.