The emerging phenomenon of silent patching represents a major obstacle in the fight against cybercrime. Unfortunately, it is increasingly being adopted by vendors and cloud providers.
Trend Micro is calling for an end to silent patching – the practice of delaying or weakening public disclosure and documentation of vulnerabilities and patches. It represents a major obstacle in the fight against cybercrime, yet it is common even among large suppliers and cloud providers.
Organizations are more likely to refrain from assigning a Common Vulnerabilities and Exposures (CVE) ID for public documentation and instead release patches privately. “The lack of transparency or version numbers for cloud services hampers risk assessments and deprives the broader security community of valuable information to strengthen ecosystem security,” said Trend Micro.
Incomplete or incorrect patches
Last year, the security specialist warned of the increasing number of incomplete or faulty patches and of providers' growing reluctance to provide information on patches in plain language. That gap has only widened since then. Some companies even give patching a much lower priority, exposing their customers to unnecessary risk.
“Urgent action is needed to prioritize patches, address vulnerabilities, and foster collaboration among researchers, vendors, and cloud providers to strengthen cloud-based services and protect users.”