Operating System Level Vulnerability Remediation in Microsoft Products such as Workstations and Applications, Part 2…
Let's understand how workstation and application patches, such as those for Office 365, are deployed by the workstation team.
Here we discuss how patching is accomplished in the real world on workstations, endpoints and end-user machines.
A. The major difference between server and workstation patching is that servers are patched on an N-1 cycle (in the current month, the team installs the previous month's patches); at least, most organizations follow this.
B. Workstations, by contrast, are patched in the same month and follow patch cycle N (the current month's patches are installed in the same month).
Now we will look at the enterprise way and discuss how the servers team and VM team manage monthly patching across thousands of workstations at one time.
- They first collect the details of all required fixes from tools such as Qualys, Rapid7, SCCM, BigFix and Intune.
- The most suitable, confirmed way is to ask the vulnerability management team to scan the workstations against the monthly updates.
- They will provide the exact list of KB articles that need to be deployed to the workstations. The list covers not only the kernel update but also the other released updates that are required.
- Then the workstations team requests approval for the fixes from the lead or the owner.
- The next and most important part is implementation, which is performed in phases. Because workstations number far more than a few hundred, the team pushes the patches in batches of one thousand or two thousand machines. The batch size depends on many factors, such as network bandwidth. The team also monitors whether any issue occurs because of the monthly patching, so that they can stop the remaining batches.
- At this point, the team raises a CHANGE request for awareness and for activities such as package (PKG) download and notifying users to reboot their machines; otherwise, after 5 hours the system is forcibly rebooted by the SCCM or BigFix agent.
- The vulnerability management team validates this 48 hours after patching if an agent is installed; if you use scanners, you can start scanning after 72 hours.
- If you find a few workstations that are still pending the monthly patching, the best way is to raise a request in the workstations team's bin or start a mail drill to complete this activity.
- Repeat steps 7 and 8 (the validation scan and the follow-up request above) until all workstations are fixed.
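The phased rollout and validation loop described in the steps above, sketched as an added Python example (not code from the original post or from any of the tools it names). The KB ids, host names, scan export format and the 5% halt threshold are assumptions made for illustration.

```python
from datetime import datetime, timedelta

# All values below are constructed for illustration, not taken from the post.
REQUIRED_KBS = {"KB0000001", "KB0000002"}  # placeholder KB ids from the VM team
BATCH_SIZE = 1000                # post: batches of one or two thousand machines
AGENT_WAIT_H, SCANNER_WAIT_H = 48, 72  # post: validation delay after patching
HALT_RATIO = 0.05                # assumption: the post gives no halt threshold

def plan_batches(hosts, size=BATCH_SIZE):
    """Split the workstation list into deployment phases of at most `size`."""
    hosts = sorted(hosts)
    return [hosts[i:i + size] for i in range(0, len(hosts), size)]

def should_halt(batch, hosts_with_issues, ratio=HALT_RATIO):
    """True when enough machines in this batch report problems to stop the rest."""
    if not batch:
        return False
    bad = sum(1 for h in batch if h in hosts_with_issues)
    return bad / len(batch) > ratio

def earliest_validation(patched_at, has_agent):
    """When the vulnerability management scan of a batch may start."""
    hours = AGENT_WAIT_H if has_agent else SCANNER_WAIT_H
    return patched_at + timedelta(hours=hours)

def pending_hosts(batch, installed, required=REQUIRED_KBS):
    """Map each host to the required KBs it still lacks.
    A host absent from the scan export counts as missing everything."""
    pending = {}
    for host in batch:
        missing = required - installed.get(host, set())
        if missing:
            pending[host] = sorted(missing)
    return pending

if __name__ == "__main__":
    batches = plan_batches(f"WS{i:04d}" for i in range(2500))
    scan = {h: set(REQUIRED_KBS) for h in batches[0]}  # constructed scan export
    scan["WS0003"] = {"KB0000001"}   # one update failed to install
    del scan["WS0007"]               # machine was offline, never scanned
    print([len(b) for b in batches])
    print(earliest_validation(datetime(2024, 1, 10, 9, 0), has_agent=True))
    print(pending_hosts(batches[0], scan))   # hosts to send to the follow-up queue
```

The dictionary returned by `pending_hosts` is the list of machines to hand to the workstations team, and rerunning it after each rescan is the repeat loop of steps 7 and 8.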
We will see you in the next part, on Microsoft application-related patching.