Defender ATP definition updates

I use a patch-only policy in Automox that runs daily for patching important things that never need a reboot when installed - such as Defender (KB2267602, KB915597), the Servicing Stack, and Zoom.

2020-10-02 12_11_10-Window1190×400 31.5 KB

Patching Zoom Daily? I get why…what about browsers? Daily? Weekly?

Browsers don’t have critical vulnerabilities that often, and one of the pain points of patching browsers often (especially Firefox) is that they sometimes require the browser to restart which can be annoying to users. Personally I’d be fine with a monthly schedule for them but it’s up to you and your business’s security policy. As long as you keep an eye out on patch Tuesday for critical CVEs that might relate to browsers and then patch those right away.

Well, that’s kind of left over from when everyone was transferring to Zoom at the beginning of Covid. They were putting out security fixes constantly. They seem to have things secure and stabilized these days and that’s probably not a necessary daily update. On the other hand, since it won’t patch if it’s in use, it seems like it’s worth trying to patch it as often as possible to try and catch it when it’s not in use by your users. It’s up to you on that one, that was just my use-case.