Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Plans An Overhaul For Patch System

Posted by timothy on from the reboot-again dept.

sckienle writes "ZD-Net has an article about Microsoft's plans to overhaul their patch system. 'Ninety-five percent of attacks happen after a patch for a known software vulnerability has been issued' says Scott Charney, chief trustworthy computing strategist at Microsoft. Basically, Scott is promoting the idea that Microsoft can do a better job, in many ways, so people will trust and be able to install patches quickly. Microsoft has a transcript of Scott Charney's talk on their site." As reader sweeney37 summarizes, " Microsoft's plan is to reduce the patch installers from eight to two, they want to have one patch installer specifically for the OS side and one specifically for the applications." Sweeney37 points out this InformationWeek article on the planned change.

5 of 402 comments (clear)

  1. A very tough task by timeOday · · Score: 5, Informative

    In the commercial world, because of restrictions on software distribution, there is no single place to go for patches. There is no debian or RedHat that distributes 100s or 1000s of applications and will provide you patches for ALL of them promptly and consistently.

  2. Re:Not true at all! by Branka96 · · Score: 3, Informative

    Well take a look at http://www.macintouch.com/mosxreaderreports.html. The number of people having problems after installing an Apple patch is very large. Blinding trusting a vendor is a recipe for disaster. When did Apple start signing their patches? Enough said.

  3. Re:What they also need... by pe1chl · · Score: 3, Informative

    This is already possible, although it is cumbersome.
    You can, when writing your unattend.txt, specify a batchfile that is to be run after the install. In that batchfile you can put the patches, with the correct switches to install them silently and without reboot.

    Unfortunately, and this is where the patch program mess comes in, not all patches have the same set of switches and not all of them can be run silently.
    For those, you need to use a script (kix, vbscript, whatever) to send the keypresses needed to proceed with the installation.

  4. EULA's by protoshoggoth · · Score: 3, Informative

    If Microsoft is serious about wanting people to install their patches, they should institute a policy against making 'retroactive' changes to product EULAs in the patches. If they want me to patch this stuff on a weekly basis, having to parse through a few pages of EULA-ese in order to do so is a substantial 'barrier to entry'.

  5. Re:recent bad patches? by Zigg · · Score: 3, Informative

    You have a choice today. But you may not in the future.