Estimating the Time-To-Own of an Unpatched Windows PC

An anonymous reader notes a recent post on the SANS Institute's Internet Storm Center site estimating the time to infection of an unpatched Windows machine on the Internet — currently about 4 minutes. The researcher stipulated that the sub-5-minute estimate was valid for an unpatched machine in an ISP netblock with no NAT or firewall. The researcher, Lorna Hutcheson, called for others to post data on time-to-infection, and honeypot researchers in Germany did so the same day. They found longer times to infection, an average of 16 hours. Concludes the ISC's Hutchinson: "While the survival time varies quite a bit across methods used, pretty much all agree that placing an unpatched Windows computer directly onto the Internet in the hope that it downloads the patches faster than it gets exploited are odds that you wouldn't bet on in Vegas."

Re:How is this measured

Same here. Some years ago I installed XP and when I connected to the internet I almost immediately received the "your computer will shut down in 60 seconds" notice triggered by the blaster virus.

I bought Suse the same day and never looked back.

Re:Use a Linux live CD

[Cramer]

*ding* we have a winner. of course, sadly, a linux (or solaris, or in fact, almost any *NIX) box can be hijacked just as fast if no patches are (ever) installed. ('tho i don't know about 4min, as linux isn't as highly targeted.)

Re:... and if you leave your car key in the igniti

[Lennie]

I'm sorry, but if you take your average Linux distribution, you will see this won't happen.

For a company with so many resources (read: money) they keep messing up in a big way.