Patch. The. Things.

Started by deanwebb, May 12, 2023, 09:33:28 AM

Previous topic - Next topic

deanwebb

Just read about a vulnerability in PaperCut, a paperwork reduction tool with a name that makes me cringe in pain, that's permitted a massive spike in ransomware among the customers of that product.

The fix is easy: apply the patch. What's difficult is knowing that the patch is needed, what with all the other alerts and emails everyone gets every day. What's also difficult is that the patch has to get scheduled, so as not to impact things... but then the ransomware guys get in before that window and then REALLY impact things.

I am sick of "five nines" metrics and philosophies. You get five nines until you DON'T, and then it stops hard. Really, really hard. After four days of outage due to ransomware, you're on one nine, the first one. Good news is that the outage has to be 36.5 days to lose that first nine, so you'll likely keep it.

I can get missing a notification when one is overwhelmed, especially in the public-sector, low-budget environments that are PaperCut's prime customer base. But when the notification to patch gets through, do not delay is my thinking. Apply at once and clean things up afterwards. If things go out, just call it "emergency maintenance" and it'll be up in a day or less. Yes, you took a performance hit, but no data was lost or stolen in the process. It's a good hit to performance, the way I see it.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.