Patch Management is the process of applying updates to “software”.

Where “software” includes:

• Operating System software
  • Microsoft Windows
  • Linux distributions
  • Android
  • iOS
  • Network devices (e.g. routers, access points, firewalls, VPN software)

• Application software (e.g. Word, Excel, Outlook)
  • All of the individual applications that run on your PC or Mac
  • All of the individual applications that run on your organisation’s servers
  • All of the individual applications that run on your phone

Patches are necessary to correct errors in the software, these errors are often referred to as “bugs” or “vulnerabilities”.

“Bugs” are typically a logic flaw or error that results in the software not performing as it was intended, perhaps the way that information is presented by an application is not optimal.

For example, when a report is created, the formatting of the report may not be correctly aligned on the page. So, in this example, the application has a flaw – but the consequences of that flaw don’t allow a person with malicious intent (an attacker) to breach an organisation’s security.

“Vulnerabilities” on the other hand, are typically a logic flaw in Operating System software, or an external-facing application (e.g. a Web / Database server) that allow an organisation’s security to be breached.

When a vulnerability is exploited by a person with malicious intent (an attacker), the attacker can obtain access to information or the resources of an organisation, which they normally would not be permitted or able to access.

When a bug or vulnerability is identified by the software vendor, by releasing a “patch”, the software vendor can update their software and resolve or “fix” the bug or vulnerability.

So, patch management is important for the following reasons:

1. Security
   • Patch management fixes vulnerabilities in your software and applications that are susceptible to cyber-attack. Patching software corrects known issues in your software, and this reduces your organisation’s security risk.

2. Resolving bugs
   • Patch management can also fix bugs. Bug fixes ensure that your applications and Operating Systems run more smoothly and deliver the existing features as was intended by the software vendor when the software was initially released.

3. Feature improvements
   • Patch management can go beyond bug fixes to also include new features / functionality updates. In this instance, patches allow you to experience new capabilities that have been added by the software vendor since the software was initially released. Feature improvements are often referred to as “updates”.

Now that we understand what Patch Management is and why it is important for an organisation to perform on a regular and on-going basis, I’d like to introduce the software that we use and recommend to perform Patch Management in Microsoft Windows environments: Action1 RMM

Action1 RMM delivers a comprehensive suite of remote management functionality in a single cloud-based platform.

• Patch Management
  • Automatically detect missing updates and deploy patches across remote workstations and servers.

• Software deployment
  • Manage software and updates distribution via a built-in cloud app store.

• Remote desktop
  • Provide remote support directly from your Web browser without any additional software.

• Real-time visibility
  • Receive alerts, run reports on available updates, processes and configurations.

• Endpoint Management
  • Run commands, Powershell scripts, reboot computers and restart services remotely.

• IT Asset Management
  • See live software and hardware information from the entire network, installed programs and drivers, monitors and printers, and more.

Best of all, Action1 is _FREE_ for the first 100 endpoints and reasonably priced for endpoints above the 100 endpoint limit.

There is no “trick” with the “FREE” statement.

Action1 is aimed at 100+ sized organisations and Action1 have made the decision to offer Action1 RMM at no cost to “small” environments.

So, if you’re an organisation with up to 100 endpoints:

• You get the full product
• No limitations
• And Action1 state that ..“there will be no attempt to monetise these organisations in the future”..

So, let’s have a quick look at Action1’s Patch Management in detail:

1. The first step is to create an account in Action1 and logon to the Action1 portal.
   1. Action1’s URL is: https://www.action1.com/
   2. Login is here: https://www.action1.com/login/
   3. The first time, you need to click on ‘No account, Sign Up here’; underneath the LOGIN button.

2. Once you have created an account and logged in. We need to create a new Endpoint Group

3. The next step is to install the Action1 agent on a computer (the Endpoint) to be managed.
   • There are two options for deploying the agent manually:
     1. Run from a URL on the remote computer (Copy download URL) or
     2. Use an MSI file (Download Agent)
   • It is also possible to automate the deployment of the agent across the organisation, using ‘Agent Deployment’ Deployer. But in this example, I will install the agent manually, so that we can review and understand the process.

4. Once the agent has been installed on the computer to be managed, you go to Endpoints to manage the computer.

5. In this instance, we will perform Patch Management on a computer
   • So, we select the computer from the list of Endpoints
   • Then we click on the small arrow to the left of the computer, to display the Missing Updates (if any)
   • In this instance, there are 9 missing updates
   • Note: Computers do not need to be on-premise (i.e. on the organisation’s LAN) for patch management to be performed. If staff are working from home, patch management can still be undertaken as Action1 is cloud-based.

6. If we click on the arrow to the right of “Missing Updates”, we can see details about the updates
   1. Review the “Status” column, note some of the updates are:
      • New
        1. Yet to be Approved (or Declined)
      • Approved

7. We can go to “Update Approval” to review the New updates and decide whether to Approve or Decline those updates.

8. Review the list of New updates

9. Once we have reviewed and Approved (or Declined) the applicable Updates, we can then return to the computer and click on “Deploy Update”.

10. The “Deploy Update” wizard then begins

In this example, I selected “All”, as I wanted to install all of the available updates for Carmelo’s computer.

11. Next, we need to configure the Reboot options
    • If you select, “Automatically reboot, if required”
      • Action1 will restart the computer after each update where a restart is required.
      • So, if you were installing 9 updates, the computer could potentially restart the computer 9 times!
    • If you would prefer that the computer restarts only once, after all updates have been installed
      • Choose: “Do not reboot automatically”

12. On this screen, we have already selected the Endpoint that we wish to update, so click on “Next Step”

13. On Schedule I’m going to choose “Run Now”, but understand that you have the option to schedule the installation of updates at some later time; and using Policies, you can automate the Patch Management process.

14. Click on “Finish”

15. If you wish, you can then monitor (or later review) a log of the patch installation activity.

16. In this instance, all patches were installed successfully.