System and method for patching a device through exploitation
Abstract
A system and method that includes identifying a vulnerability in a computing device; accessing a vulnerability exploitation mapped to the identified vulnerability; at the computing device, executing the vulnerability exploitation and entering an operating mode of escalated privileges; and while in the operating mode of escalated privileges, updating the system with a vulnerability resolution.
19 Claims
1. A method comprising:
identifying a vulnerability in a computing device;
accessing a vulnerability exploitation mapped to the identified vulnerability, wherein the vulnerability exploitation comprises pre-identified computer-executable scripts or routines specifically provided to target the identified vulnerability in the computing device to thereby resolve or reduce the identified vulnerability, wherein, once executed, the pre-identified computer-executable scripts or routines of the vulnerability exploitation automatically change an operating mode of the computing device from an operating mode with less privileges to an operating mode with increased privileges;
at the computing device, executing the pre-identified scripts or routines of the vulnerability exploitation and, through execution of the pre-identified scripts or routines of the vulnerability exploitation causing an entering into an operating mode of escalated privileges within the computing device; and
while in the operating mode of escalated privileges, updating the computing device with a vulnerability resolution that functions to automatically use the escalated privileges to resolve or reduce the identified vulnerability.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A method comprising:
identifying a first vulnerability in a system;
exploiting the first vulnerability using a pre-identified set of escalated code execution privileges mapped to the first vulnerability, wherein the set of escalated execution privileges are accessible through the first vulnerability for the purpose of resolving or reducing the first vulnerability;
establishing a reference monitor during the escalated code execution privileges;
identifying a second vulnerability in the system;
entering an operating mode of escalated privileges through the reference monitor on the system, wherein the escalated privileges of the operating mode are different than the set of escalated execution privileges mapped to the first vulnerability; and
while in the operating mode of escalated privileges, updating the system with a vulnerability resolution of the second vulnerability.
Dependent claims: 12, 13, 14, 15, 16, 17, 18

19. A method for patching a computing device in a closed system administration ecosystem comprising:
collecting data object identifiers of the computing device at a first instance;
querying, using the collected data object identifiers, a map of object identifiers to vulnerabilities and identifying at least one vulnerability associated with at least one of the collected data object identifiers;
accessing a vulnerability exploitation mapped to the identified vulnerability, wherein the vulnerability exploitation comprises pre-identified computer-executable scripts or routines specifically provided to target the identified vulnerability in the computing device to thereby resolve or reduce the identified vulnerability, wherein, once executed, the pre-identified computer-executable scripts or routines of the vulnerability exploitation automatically change an operating mode of the computing device from an operating mode with less privileges to an operating mode with increased privileges;
at the computing device, executing the vulnerability exploitation and entering a first operating mode of escalated privileges through the vulnerability exploitation; and
while in the first operating mode of escalated privileges, updating the computing device with a first vulnerability resolution of the at least one vulnerability and establishing a reference monitor;
collecting data object identifiers of the computing device at a second instance;
identifying a second vulnerability from the data object identifiers of the computing device at a second instance;
entering a second operating mode of backdoor escalated privileges through the reference monitor, wherein the second operating mode is different than the first operating mode; and
while in the second operating mode of backdoor escalated privileges, updating the system with a second vulnerability resolution of the second vulnerability, wherein the second vulnerability resolution is different than the first vulnerability resolution.
Specification