Microsoft distributes free CDs in Japan to patch Windows

Jack Bates jbates at brightok.net
Mon Sep 8 19:16:34 UTC 2003


Sean Donelan wrote:
> 
> If infected users have an offline method for obtaining patches, then we
> don't need to figure out a way to keep their buggy, infected computers
> connected to the network long enough to download the patches.
> 

And wouldn't it be nice if someone developed a good protocol that 
allowed the ISP to mandate specific patch revisions for various software 
before allowing the user to be connected and a way to push the revisions 
to the end user in the event that they weren't up to date?

AOL can of course pull tricks like this due to the custom architecture. 
Currently, a standard PPP setup with M$ or other O/S doesn't have this 
level of support. VPN and various corporate security policies support 
pushing policies and mandating patches in their software.

At some point, patching and maintaining security needs to be handled at
the connection. If the protocol is written and the ISP supports it, then
those with connection software supporting the protocol will maintain
security while those circumventing it with other connection methods will
not. However, given that the consumer base in question usually utilizes
a default M$ install, if M$ incorporated it into their DUN, dhcp, pppoe,
then a large portion of the problem would be solved.

Would people honestly object to keeping a security patch server locally 
which received patches from the various software vendors to be pushed 
out to their customers?

-Jack
