First, WSUS should be able to patch Office products now. At least, that's what we use.
Second, if you already have a means to deploy applications to desktops from a central controller, you probably want to keep leveraging that process. Think Altiris, VDI or the like. Then the hard part is really finding out when new versions have been released, and that's where something like Secunia fits in nicely. Let whomever does the rollouts know there is an update, and they can work it into their schedule. *From:* [email protected] [mailto: [email protected]] *On Behalf Of *Jody & Jennifer McCluggage > *Sent:* Friday, September 04, 2009 5:13 PM > *To:* 'PaulDotCom Security Weekly Mailing List' > *Subject:* [Pauldotcom] 3rd party application patching tools for Windows > > > > Hello everyone, > > > > A few episodes ago Carlos made the excellent observation that many > organizations do not have a centrally controlled automated strategy for > patching 3rd party (non-Microsoft) applications on Windows. He correctly > pointed out that Microsoft/Windows Update and WSUS does not patch 3rdparty > applications. As late as last year, the number one application attack > vector was Office. But according to one recent survey, this year the number > one application attack vector were made up of some ubiquitous Adobe products > (probably not a surprise to anyone here) so obviously patching only > Microsoft products is no longer a viable solution. > > > > Does anyone have any recommendations of any products (commercial or open > source) that are appropriate for small to mid-size organizations that can > centrally deliver approved 3rd party application patches to Windows > machines? > > > > Thank you, > > > > Jody >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
