Vulnerability checking involves proactively identifying security vulnerabilities in a system to determine if and where a system can be exploited and/or threatened. All software, including both the operating system and any installed applications, has the capacity for being vulnerable to a number of attacks such as cross-site scripting, SQL injection or command execution. In order to prevent exploitation, the Information Security Office recommends utilizing a set of tools to look for known vulnerabilities and can automatically apply the appropriate patches for you:
WSUS (Windows System Update Service) is a system for distributing Microsoft security patches to workstations and servers. Machines can be pointed to the University’s WSUS servers for their updates via either a registry modification or by applying a group policy (GPO).
Solarwinds Patch Manager is linked with WSUS for 3rd party application patching. EminentWare extends the capabilities of the WSUS system by allowing for delegated patch administration and providing advanced reporting features.