Why Server level patching is important?

By VijayaBalaji Sekar

In today’s world, security is one of the top priorities in a business. No matter what, it’s obvious we spend a certain amount of time to prevent hackers from stealing our sensitive information. But sometimes the most important solution may seem trivial. We have all seen it happen, data being stolen for malicious purposes which was mainly by the vulnerabilities that can easily be exploited by the hackers. That so-called trivial solution is the security patching.

Yeah, I get it. “Security patching” doesn’t seem fun and most commonly ignored but it is a prime solution. Patching is a process of updating your software/ applications or operating systems which closes the vulnerabilities found. Patch is a piece of code to be installed which basically fixes the bugs and issues found in the software/applications.

What’s so important about Security Patching?

Hackers exploits the vulnerabilities found in the system/server and attacks the network which may take an entire company down. This can be prevented by Security patching.

Recently I found a list of Java process utilized 100% of CPU. The command of that process resembled that of mining cryptocurrency. Despite restricting all the ports, java process kept on running consuming high CPU. We tried Killing the process and yet it automatically creates after a couple of hours. Restricted the access to the server that the java process is pointing, but the process kept running.

Finally, found the issue which was due to the vulnerability in oracle WebLogic 10.3.6. All the application using this oracle WebLogic 10.3.6 has vulnerabilities which Oracle accepted globally. The process kept running even after using different firewalls and restricted ports. This type of vulnerability causes decrease in performance and resources and costs money for an organization. Because in cloud, money is charged based on the amount of data transferred in cloud.

Installed the oct-17 PSU patch by oracle a critical patch update which patches multiple vulnerabilities

 

Patch 26519424: SU Patch [FMJJ]: WLS PATCH SET UPDATE 10.3.6.0.171017

Security is an important aspect in any IT organization. Patching a server/ application hardly takes a couple of minutes which helps preventing the cyber threats in the long run.