Critical Patch Management: Closing the Door on Exploits
- MARCH 2ND, 2026
Unpatched software remains one of the leading causes of enterprise breaches in 2026. Attackers no longer rely solely on zero-day exploits; they increasingly target systems for which patches are available but have not been applied.
A breach of SmarterTools on January 29, 2026 illustrates the risk precisely: the entry point was a single forgotten virtual machine that had not been updated, and the intrusion compromised 12 Windows servers across the company’s office network and a secondary data centre. The Warlock ransomware group exploited a critical authentication-bypass vulnerability (CVE-2026-23760, CVSS 9.8) to gain administrative control, move laterally across the network, exfiltrate over 1,000,000 sensitive documents, and deploy ransomware across the Windows infrastructure.
Risks Involved for Unpatched Systems
1. Known Vulnerability Exploitation: Attackers scan the internet for unpatched software and exploit vulnerabilities within hours or days of disclosure.
2. Attack Surface Expansion: Systems that are not updated, including legacy and internet-facing services, create easy entry points for ransomware and credential compromise.
3. Supply Chain Impact: Even one unpatched server can provide access to multiple internal and client-facing systems.
How to Protect Your Organisation
1. Prioritise Patching
- Critical and high vulnerabilities: patch within 48–72 hours
- Medium: 7–14 days
- Low: next scheduled cycle
2. Automate Updates
Use patch orchestration tools to detect, deploy, and roll back updates safely.
3. Asset Visibility
Maintain an accurate inventory of servers, endpoints, cloud instances, and network devices to ensure nothing is missed.
4. Test Before Deployment
Staging validation reduces disruption while ensuring patches are effective.
5. Monitor for Exploitation Attempts
Detect scanning, exploit attempts, and anomalous logins even on patched systems.
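The patch windows in step 1 and the inventory in step 3 can be checked together. The Python sketch below is an added example, not part of the original advisory: it flags findings that are past their window and hosts that are missing from the inventory or have stopped checking in. The host names, identifiers, dates and the seven-day staleness threshold are assumptions, and the windows are taken at their upper bound.

```python
from datetime import datetime, timedelta

# Patch windows from the advisory, taken at their upper bound.
SLA = {"critical": timedelta(hours=72), "high": timedelta(hours=72),
       "medium": timedelta(days=14)}
STALE_AFTER = timedelta(days=7)  # assumption: no agent check-in for a week = unmanaged

def severity(cvss):
    """CVSS v3.x qualitative rating for a base score."""
    return ("critical" if cvss >= 9.0 else "high" if cvss >= 7.0
            else "medium" if cvss >= 4.0 else "low")

def due_date(finding, cycles):
    """Deadline for one finding; low severity waits for the next scheduled cycle."""
    sev = severity(finding["cvss"])
    if sev in SLA:
        return finding["patch_released"] + SLA[sev]
    later = [c for c in cycles if c >= finding["patch_released"]]
    return min(later) if later else None  # no cycle planned yet: no deadline

def audit(inventory, findings, cycles, now):
    """Return (overdue, unmanaged): findings past deadline, worst first, and hosts
    that are missing from the inventory or have stopped checking in."""
    overdue = []
    for f in findings:
        due = due_date(f, cycles)
        if due is not None and now > due:
            overdue.append((f["host"], f["vuln"], severity(f["cvss"]), now - due))
    overdue.sort(key=lambda row: row[3], reverse=True)
    known = {a["host"]: a["last_checkin"] for a in inventory}
    unmanaged = {f["host"] for f in findings if f["host"] not in known}
    unmanaged |= {h for h, seen in known.items() if now - seen > STALE_AFTER}
    return overdue, sorted(unmanaged)

# Constructed sample data: hosts, identifiers and dates are made up.
NOW = datetime(2026, 3, 2, 9, 0)
CYCLES = [datetime(2026, 2, 10), datetime(2026, 3, 10)]
INVENTORY = [{"host": "web-01", "last_checkin": datetime(2026, 3, 2, 8, 0)},
             {"host": "mail-02", "last_checkin": datetime(2026, 3, 1, 22, 0)},
             {"host": "lab-vm-07", "last_checkin": datetime(2026, 1, 5, 12, 0)}]
FINDINGS = [
    {"host": "lab-vm-07", "vuln": "EXAMPLE-0001", "cvss": 9.8, "patch_released": datetime(2026, 1, 15)},
    {"host": "web-01", "vuln": "EXAMPLE-0002", "cvss": 5.3, "patch_released": datetime(2026, 2, 20)},
    {"host": "mail-02", "vuln": "EXAMPLE-0003", "cvss": 3.1, "patch_released": datetime(2026, 2, 1)},
    {"host": "old-ftp", "vuln": "EXAMPLE-0004", "cvss": 7.5, "patch_released": datetime(2026, 2, 27)},
]

if __name__ == "__main__":
    print(audit(INVENTORY, FINDINGS, CYCLES, NOW))
```

A host that appears in scan findings but not in the inventory, or that has gone silent, is reported separately from overdue patches because it will not be reached by automated deployment at all.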