• White paper: How to use Trend Micro Vulnerability Protection to patch virtually

    An interesting PDF (link below) from Daniel Portenlanger:

    Microsoft’s new patching policies have introduced new challenges to keeping Windows endpoints safe. Patches are now a cumulative package instead of small individual fixes. Should a cumulative group of patches break functionality, removing the cumulative removes the entire group of patches reintroducing vulnerabilities. Additionally, products like WSUS only support Microsoft products and not third party software. Lastly, systems may not be able to be taken offline immediately to apply patches. This is where virtual patching fills the gap.

    The version of Vulnerability Protection in this document is self-hosted and integrated with the endpoint security product Officescan. The product demonstrated here was implemented because the customer had a license. There was no evaluation of competing products. This primer simply describes how Trend Micro Vulnerability Protection virtual patching works and why virtual patching is useful in between patch cycles. In this example, Adobe, Microsoft and others recently released a patch for a critical Flash Player flaw.