Estimating the Time-To-Own of an Unpatched Windows PC

An anonymous reader notes a recent post on the SANS Institute's Internet Storm Center site estimating the time to infection of an unpatched Windows machine on the Internet — currently about 4 minutes. The researcher stipulated that the sub-5-minute estimate was valid for an unpatched machine in an ISP netblock with no NAT or firewall. The researcher, Lorna Hutcheson, called for others to post data on time-to-infection, and honeypot researchers in Germany did so the same day. They found longer times to infection, an average of 16 hours. Concludes the ISC's Hutchinson: "While the survival time varies quite a bit across methods used, pretty much all agree that placing an unpatched Windows computer directly onto the Internet in the hope that it downloads the patches faster than it gets exploited are odds that you wouldn't bet on in Vegas."

How is this measured

[Lord+Lode]

I've heard similar statistics in the past already. How is this statistic measured? Is it the time after you connected your ethernet cable or modem and doing nothing at all but wait, or is it the time after you opened a browser and let an "average" user surf the internet and open things? Is it a problem if you need 4 minutes to install all windows patches and updates?

Re:How is this measured

[JimboFBX]

The fact your firewall was disabled shows you already did some interaction.

Re:Um, what version?

[Computershack]

Which is exactly my point. We know those machines get pwned quickly, so why is this news?

Because it's about Windows and in the current trend, you don't have to bother on /. with little annoyances like facts and the truth if it's to do with Microsoft - any old shite will do if it is trying to make Microsoft look bad.

Yet you'll notice that the /. crowd isn't bleating on about the 33 year old Unix bug that's only just been fixed this week.