Endpoint Patching and Ivanti Restart Prompts
On 12/13/21 the DAR IT team identified attempts to exploit a software vulnerability on some of our devices less than 24 hours after the vulnerability had been publicized to the industry; thankfully those attempts were not successful. Think about it, less than 24 hours after a vulnerability became publicly known in the industry, we are identifying attempts to exploit it on some of OUR computers.
Keeping software and operating systems up to date and patched is one of the most effective ways to mitigate known vulnerabilities. Based on the activity the team identified, IT has requested they change our Ivanti configuration to force a device/endpoint restart after it has been pending for 2 days instead of allowing a user to delay the restart up to 10 days. While the preference is for everyone to allow a reboot the day they are prompted, 2 days is an acceptable compromise between convenience and security. IT will be more than happy to discuss this process change if needed and always appreciate everyone’s assistance and understanding as we adjust.
As always, please reach out to firstname.lastname@example.org if we can be of service. Please also take the time to ensure personal devices in your household are being patched and updated regularly.