Can't attackers create malicious micropatches and deploy them to my computers?

mitja.kolsek -

All micropatches are digitally signed with our patch signing key before they get deployed to agents. 0patch Agent checks this signature twice: first when it downloads a micropatch (if invalid, the micropatch is discarded), and every time a micropatch is to be applied to a process (again, if invalid, it refuses to apply it).

The patch signing key is not stored on the server, so even if someone breaks into our distribution server, they won't be able to plant a micropatch that would be accepted by agents running on users' computers.

Finally, we currently create all micropatches in-house, so if you trust our team, you can trust our micropatches to be well-intentioned (we know a single malicious micropatch could destroy our business). While we're reaching out to security researchers for collaboration on writing micropatches - yes, micropatching all those vulnerable products will take more effort than we have in-house -, any externally supplied micropatches will undergo our rigorous scrutiny in terms of effectiveness (does it actually fix the security issue?), non-maliciousness (it should do no harm), and many other properties such as security (it should not introduce a new vulnerability) efficiency (does it solve the problem in a resource-friendly way?), reviewability (is it easy to read and understand?), smallness (is it as small as possible?), and non-interference (it should not have unwanted functional side effects).

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.