Slashdot Mirror

← Back to Stories (view on slashdot.org)

Windows 24 Hr Vulnerabilty Patch - Would It Help?

Posted by Cliff on from the don't-hold-your-breath dept.

super_ogg asks: "In light of the recent Windows infection rate problem, it prompted me to ask the question: if Microsoft was able to guarantee a 24-hour-patch for a vulnerability (and hell didn't freeze over), how much would it affect the rate of infection seeing that a lot of people don't patch their systems? Would the rate of infection increase dramatically?"

2 of 70 comments (clear)

  1. Not much. Yet. by Deathlizard · · Score: 2, Informative

    Most of the Vulnerabilities happen weeks to months after a patch is released. It's just getting the patch on the machine that's a problem.

    As XP SP2 starts to overtake XP SP1 and SP0 sales, it should get better, since SP2 screams and yells if you turn off automatic updates. This is going to take a while since most people are paranoid of SP2 or MS won't let them install it cause their OS is a pirate.

    Hopefully in longhorn, they do the same thing they did with .Net 2003 SP1 and firewall the internet until windows downloads all the critical patches. This would stop the 12 minute problem pretty quickly.

    --
    In Soviet Russia, Trojan exploits YOU!
  2. INCREASE Dramatically? by UserChrisCanter4 · · Score: 1, Informative

    Increase dramatically? Well, I know one of MS' claims is that the descriptions for the patches might show malware authors new exploits that they didn't know about. I think most of the major worms were produced long after patches had already posted, though I don't know if that was because the malware authors saw the bugfix notes, or if they used info gleaned from other sources. That said, I doubt it would change the infection rate at all.

    I was doing retail computer repair up until November of last year. Even in November of '04, it was still exceedingly common to see recent infections of Sasser or Blaster worms, which had been around for over a year before that point. These were worms, mind you, which exploited bugs that had been patched months prior to their first appearance.

    After all is said and done, I think the vast majority of users both business and home would rather have a patch that was worked on for a week or so than one that was rushed out the door. The clueless won't install it even when it's already out. The security conscious already have a decent firewall in place that should hold them for that brief time. Additionally, I'm not aware of a recent major worm or virus that exploited a known bug before the patch arrived, so the security people probably don't have much to worry about as far as worms/viruses are concerned. Of course, I'm sure some more knowledgeable /.er will correct me on that last point.