Patch and Vulnerability Management

In addition to other protection measures published here, the up-to-dateness of the operating system, the installed applications and plug-ins is important for the security of IT Systems. To prevent existing vulnerabilities being exploited by malicious software or a potential attacker, the timely installation of up-to-date security patches is indispensable.

All modern operating systems offer not only a manual update but also the possibility to automate the update process. The operating system regularly connects to the manufacturer via the Internet and checks for the presence of new updates and then installs them independently.

For updating Windows operating systems, the SCC provides a central service from Microsoft, with which all connected computers can be supplied with new updates via the university network.

The necessary steps for the use can be found here (Only in German):
Microsoft Windows Server Update Services (WSUS)

The Central Desktop Management of the SCC provides all centrally managed systems with updates automatically and promptly.

The SCC uses the alert service of the DFN-CERT and other sources of information on current threats and security vulnerabilities and passes on relevant information to those responsible for the System.

IT systems - especially central servers - are regularly checked by SCC with a vulnerability scanner.