Purpose

This paper examines unpatched software, which represents a significant problem for internet‐based systems, with a myriad of malware incidents and hacker exploits taking advantage of vulnerable targets. Unfortunately, vulnerability management is a non‐trivial task, complicated by an increasing number of vulnerabilities and by the workload involved in handling the associated security advisories and updates.

Design/methodology/approach

As a step towards addressing the problem, this paper presents an automated framework that is designed to provide a vendor‐independent means of vulnerability notification and rectification for system administrators.

Findings

In the proposed framework, incoming vulnerability advisory messages may be obtained from multiple sources, and then filtered and prioritised according to the specific requirements of the target environment (as determined by the security administrator). In addition to notification management, the framework provides an automated facility for the download and deployment of any associated patches. The framework has been implemented in prototype form, with particular focus on the notification manager.

Originality/value

This paper presents an automated framework, providing a valuable and comprehensive solution for managing vulnerabilities in terms of notification and rectification systems.
