«

It’s so easy to install Windows software—yeah, right. But keeping it up to
date means remembering to visit umpteen different websites, one for every
package you’ve installed, finding the updates pages, checking versions, then
downloading and installing the actual updates. How many times a week do you
have to do this?

No wonder most users simply can’t be arsed.

<http://www.theregister.co.uk/2011/01/18/security_vulnerability_breakdown_secunia/>

On Jan 19, 4:27*pm, Lawrence D'Oliveiro <l...@geek-
central.gen.new_zealand> wrote:
> It’s so easy to install Windows software—yeah, right. But keeping it up to
> date means remembering to visit umpteen different websites, one for every
> package you’ve installed, finding the updates pages, checking versions, then
> downloading and installing the actual updates. How many times a week do you
> have to do this?
>
> No wonder most users simply can’t be arsed.
>
> <http://www.theregister.co.uk/2011/01/18/security_vulnerability_breakd...>

Especially when most of these third party updaters don't even notify
the user or can't update themselves anyway if the user is being
responsible and not running with admin privileges.

It would be great if ISVs could register a signed package repository
that Windows Update (and WSUS) could use. Obviously the repos would
need some sort of authorisation and possible revocation method etc.

Surely if Adobe, Apple and Oracle etc vulnerabilities are making
Windows look bad, MS would have something to gain by extending Windows
Update this way.

--
Cheers
Anton

On 2011-01-19, AD. <> wrote:
> On Jan 19, 4:27?pm, Lawrence D'Oliveiro <l...@geek-
> central.gen.new_zealand> wrote:
>> It?s so easy to install Windows software?yeah, right. But keeping it up to
>> date means remembering to visit umpteen different websites, one for every
>> package you?ve installed, finding the updates pages, checking versions, then
>> downloading and installing the actual updates. How many times a week do you
>> have to do this?
>>
>> No wonder most users simply can?t be arsed.
>>
>> <http://www.theregister.co.uk/2011/01/18/security_vulnerability_breakd...>
>
> Especially when most of these third party updaters don't even notify
> the user or can't update themselves anyway if the user is being
> responsible and not running with admin privileges.
>
> It would be great if ISVs could register a signed package repository
> that Windows Update (and WSUS) could use. Obviously the repos would
> need some sort of authorisation and possible revocation method etc.
>
> Surely if Adobe, Apple and Oracle etc vulnerabilities are making
> Windows look bad, MS would have something to gain by extending Windows
> Update this way.
>
The above logic is all wrong. If third party programmes are causing grief MS can
advertise that Ms Windows is not the cause of the problem and thus safe to
buy, in fact good to buy as you can be rest assured that it is not going to
cause the problem.

Spin, it is an art.

"AD." <> wrote in news:6de34b39-f46a-405a-88a5-
:

> It would be great if ISVs could register a signed package repository
> that Windows Update (and WSUS) could use. Obviously the repos would
> need some sort of authorisation and possible revocation method etc.

Secunia PSI V2.

I do agree that the Linux distros do a much better job of this now, with
dependancies taken care of etc.

--
Ciao, Dave

On 19/01/2011 10:17 p.m., Dave Taylor wrote:
> "AD."<> wrote in news:6de34b39-f46a-405a-88a5-
> :
>
>> It would be great if ISVs could register a signed package repository
>> that Windows Update (and WSUS) could use. Obviously the repos would
>> need some sort of authorisation and possible revocation method etc.
>
> Secunia PSI V2.
>
> I do agree that the Linux distros do a much better job of this now, with
> dependancies taken care of etc.
>
System Center Configuration Manager does a good job of it for Windows in
an enterprise environment. We've had it doing pretty much all we need
for the last couple of years[1] including dependencies and third party
app patching across 6000+ desktops and several hundred servers.

[1] So long as my erstwhile colleague remembered to actually release the
patches.

On Wed, 19 Jan 2011 04:35:26 +0000, Gordon wrote:

> The above logic is all wrong. If third party programmes are causing
> grief MS can advertise that Ms Windows is not the cause of the problem
> and thus safe to buy, in fact good to buy as you can be rest assured
> that it is not going to cause the problem.

Doesn't matter that MS Windows isn't vulnerable on that particular
occasion - it's still riddled with security flaws and vulnerabilities
that MS is still regularly patching.


--
"Filtering the Internet is like trying to boil the ocean"

On Wed, 19 Jan 2011 23:16:08 +1300, EMB wrote:

> System Center Configuration Manager does a good job of it for Windows in
> an enterprise environment. We've had it doing pretty much all we need
> for the last couple of years[1] including dependencies and third party
> app patching across 6000+ desktops and several hundred servers.

But what about all the mum and dad desktop users who don't have the
benefit of certified MS Shi^n^n^n Administrators supervising all those
desktops behind highly reliable *nix-based firewalls?


--
"Filtering the Internet is like trying to boil the ocean"

Sweetpea <> wrote in newsan.2011.01.19.10.50.53
@Sweetpea.com:

> But what about all the mum and dad desktop users who don't have the
> benefit of certified MS Shi^n^n^n Administrators supervising all those
> desktops behind highly reliable *nix-based firewalls?


Secunia PSI V2 is at least a start for them. It does get the worst
offenders fixed like Adobe Flash for instance.
Combine that with making them a USER, not Administrator, and you have
many holes fixed right off the bat.

--
Ciao, Dave

On Thu, 20 Jan 2011 07:32:40 +1300, EMB wrote:

> They are in a better situation than with linux - where there is an
> almost complete lack of commercial support available to them.

rubbish! There is plenty of commercial support for *nix.


--
"Filtering the Internet is like trying to boil the ocean"

On 21/01/2011 7:35 a.m., EMB wrote:
> On 20/01/2011 10:38 p.m., Sweetpea wrote:
>> On Thu, 20 Jan 2011 07:32:40 +1300, EMB wrote:
>>
>>> They are in a better situation than with linux - where there is an
>>> almost complete lack of commercial support available to them.
>>
>> rubbish! There is plenty of commercial support for *nix.
>>
> As usual you twist the topic - *nix != linux.
>
> And there is virtually no commercial linux support available to retail
> end users.

Twisting a bit yourself there