Linux security and patching

 

A common question posed by enterprises when it comes to defending against cyberthreats is “Which operating system is most secure?” There are only a few major operating systems (OSs) available, so enterprises aren’t left with many choices. Out of the big three OSs, one has to be the most secure—right? Across enterprises, the most prevalent OSs are:

  • Microsoft Windows, the most popular OS among the three, but also the one with the most vulnerabilities.
  • macOS, the unix-based OS that powers Apple systems.
  • Linux OS, which covers all Linux distributions (distros).

According to statistics from NetMarketShare, 88 percent of all computers run on Windows. This OS’s widespread use makes it an easy target for malware, as seen with the WannaCry and NotPetya attacks in 2017. And contrary to popular opinion, macOS is not immune to attacks—in fact, Mac malware is on the rise. That leaves Linux which, unlike Windows and macOS, has open-source development. Out of the box, Linux is much more secure since it has a global community of users who review the code and make sure there aren’t any bugs or backdoors present.

Linux is one of the safest OSs in the industry right now; for this sole reason, many servers are being deployed with Linux OS rather than the conventional Windows OS. According to Wired, around 67 percent of web servers worldwide run on Linux. Linux security isn’t easy to breach, but it is still susceptible to malware attacks, including those from applications installed in the systems that have root access; these are the applications that have the potential to spread malicious packages in Linux OS. Based on reports from AV-TEST, by the end of the second quarter of 2016, the malware detected for Linux alone had increased two-fold when compared to the previous year. That’s why businesses that run Linux OS need to understand the importance of Linux patching.

How are these Linux vulnerabilities being tackled?

Linux patches and hotfixes are released periodically to address bugs and vulnerabilities. For example, Red Hat Enterprise Linux (RHEL) has released 452 security advisories this year.
 
A patching solution for Linux security

Manually checking for update releases from OS vendors and applying them is a cumbersome task. The real problem arises when organizations have multiple endpoint systems connected to their network. What IT admins need is a good Linux patch management solution that is versatile and has a vast repository of supported software applications, so enterprises can have peace of mind when it comes to Linux security.

How Patch Manager Plus can help

Patch Manager Plus is a well-rounded product that offers great reliability and complete control over patches. With Patch Manager Plus, admins can deploy, roll back, or decline patches for a specific group of machines. Here are some of the features that make Patch Manager Plus stand out:

  • Automated patching for Linux as well as Windows and macOS.
  • Patch testing and approval to avoid deployment failure.
  • Policies for scheduling patch deployment.
  • Predefined reports for patches, systems, and configurations, as well as customized reports.

Current statistics show that about 75 percent of Linux users have deployed one of the major flavors of Linux—Ubuntu, Debian, Red Hat or CentOS—in their environment. Most patch management solutions on the market don’t support these Linux distros. Patch Manager Plus, on the other hand, offers support for these major Linux distros in addition to Windows and macOS.