Automatic detection and patching of vulnerable files
First Claim
1. A processor-readable medium comprising processor-executable instructions configured for:
- receiving a binary signature;
receiving a security patch;
identifying a vulnerable binary file on a computer based on the binary signature; and
updating the vulnerable binary file on the computer with the security patch.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are described that enable patching of security vulnerabilities in binary files. The detection and patching of vulnerable binary files is automatic, reliable, regression free, and comprehensive across networks on an unlimited scale. These advantages can be realized in various ways including, for example, by leveraging current anti-virus infrastructure that is widely deployed across the Internet. Reliable discovery of vulnerable binary files (e.g., in operating systems, application programs, etc.) is achieved through the use of binary signatures that have been associated with discovered security vulnerabilities. A divergence of security patches away from conventional service packs provides for the possibility of production of regression-free fixes for security vulnerabilities in binary files.
70 Citations
33 Claims
-
1. A processor-readable medium comprising processor-executable instructions configured for:
-
receiving a binary signature;
receiving a security patch;
identifying a vulnerable binary file on a computer based on the binary signature; and
updating the vulnerable binary file on the computer with the security patch. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A processor-readable medium comprising processor-executable instructions configured for:
-
receiving a binary signature that identifies a security vulnerability in a binary file;
receiving a security patch configured to fix the security vulnerability in the binary file; and
distributing the binary signature and the security patch to a plurality of servers. - View Dependent Claims (9, 10)
-
-
11. A processor-readable medium comprising processor-executable instructions configured for:
-
receiving a binary signature from a server;
searching for the binary signature in binary files;
sending a request to the server for a security patch if a binary file is found that includes the binary signature;
receiving the security patch from the server; and
updating the binary file with the security patch. - View Dependent Claims (12)
-
-
13. A method comprising:
-
receiving a binary signature;
searching for a vulnerable file based on the binary signature;
if a vulnerable file is found, requesting a security patch; and
fixing the vulnerable file with the security patch. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
-
20. A method comprising:
-
receiving a binary signature and a security patch from a distribution server;
searching on a client computer for a vulnerable file associated with the binary signature; and
if a vulnerable file is found, fixing the vulnerable file with the security patch. - View Dependent Claims (21, 22)
-
-
23. A computer comprising:
-
means for receiving a binary signature;
means for searching for a vulnerable file based on the binary signature;
means for requesting a security patch if a vulnerable file is found; and
means for fixing the vulnerable file with the security patch.
-
-
24. A server comprising:
-
means for receiving a binary signature and a security patch from a distribution server;
means for scanning a client computer for a vulnerable file associated with the binary signature; and
means for fixing the vulnerable file with the security patch if a vulnerable file is found.
-
-
25. A computer comprising:
-
binary information;
a scan module configured to receive a binary signature and scan the binary information for the binary signature; and
a patch module configured to request a security patch and install the security patch if the binary signature is found in the binary information. - View Dependent Claims (26, 27)
-
-
28. A computer comprising:
-
binary files;
a binary signature; and
a security patch module configured to receive the binary signature from a server and to scan the binary files in search of the binary signature. - View Dependent Claims (29)
-
-
30. A distribution server comprising:
-
a database; and
a distribution module configured to receive a binary signature and a security patch, store the binary signature and the security patch in the database, and distribute the binary signature and the security patch to a plurality of servers. - View Dependent Claims (31)
-
-
32. A server comprising:
-
a binary signature associated with a security vulnerability in a binary file;
a security patch configured to fix the security vulnerability in the binary file; and
a scan module configured to scan binary files on a client computer for the binary signature and to update the binary file with the security patch if the binary signature is found. - View Dependent Claims (33)
-
Specification