What is Patch Impact Analysis?
Patch Impact Analysis is a new feature in AppDNA 7.8, the range surface determined by a Microsoft patch to your portfolio of applications. , it is important to realize that this does not tell you what the patch does, or its criticality, but the applications * could * be affected. This should help you plan what applications you want to test, and also help to understand how could be a patch invasive.
For example, if you we be able to recognize that 70 of the applications have been directly affected by the patch 1000 applications for a particular patch.
What affects directly or indirectly meant?
is directly affected the application directly an API from a file is imported updated by the patch. For example, if Application.exe imported directly from mydll.dll and mydll.dll updated by the patch, we will report it as red.
The other criterion is when the application the same file redistributed as a being Patch. For example, if the app redistributed (or installed) flash.ocx and the patch then has released an update for flash.ocx.
This was a new scenario, as we need in the release and supports patch at the end of this blog detailing your AppDNA version with AppDNA patch. You only need this patch if you are interested in patches
Indirectly affected application are generally re- Distributable as .Net, Java, C ++, etc. affect applications that have dependencies that are affected by the patch.
How to use Patch Impact Analysis
to Configure-> Solutions-> Patch
calling them your patch analysis:
Select which method of patch-import (means manual that I downloaded them to a file share on):
Select which applications you want to analyze
Select which patches would like you to analyze up to
If your patch imported is not yet, you can click Browse to select a patch:
The last step is to click on analysis, which then perform the analysis:
wait until the analysis concluded:
AND PRESTO -we a who report!
This is the top-level report is pointing to a base which or indirectly affected applications directly via Patch: can on an application
you will see and the detailed report for each application, which may explain why we use will be affected by the patch:
Learn how to solve this my patch Tuesday woes?
No, not quite, because we can not guarantee that an application actually using the patched APIs, we would perhaps be able to know, because it is directly linked to the infected file.
hopefully useful to understand it is to be able to which applications can be used to test rather than blindly targeted test them all and also how invasive a patch is by seeing how much of your portfolio there are potentially affected.
You can patch AppDNA 7.8, by following the instructions in this ZIP file, you need to do this only if the additional algorithms that detects applications sought distribute the new files that are patched. I would only do this to recommend to the laboratory.
0 Komentar