Priorities for Security Updates

Discussion in 'NZ Computing' started by Lawrence D'Oliveiro, Sep 18, 2009.

  1. <http://www.h-online.com/security/Companies-have-wrong-priorities-for-security-updates--/news/114252>:

    Although recent attacks on Windows PCs almost exclusively exploit
    vulnerabilities in Adobe Reader, QuickTime, Adobe Flash and Microsoft
    Office, it takes twice as long for security updates for these
    applications to be installed as it does to plug vulnerabilities in the
    operating system.

    The problem is, of course, that those apps have completely separate update
    mechanisms from those of the underlying operating system. Hence a whole
    separate set of manual steps to go through for updates. Wouldn't it be
    simpler if there was a common package manager for everything installed in
    your system? Then you could update it all with one command.
     
    Lawrence D'Oliveiro, Sep 18, 2009
    #1
    1. Advertising

  2. Lawrence D'Oliveiro

    AD. Guest

    On Sep 18, 8:18 pm, Lawrence D'Oliveiro <l...@geek-
    central.gen.new_zealand> wrote:
    > <http://www.h-online.com/security/Companies-have-wrong-priorities-for-...>:
    >
    >     Although recent attacks on Windows PCs almost exclusively exploit
    >     vulnerabilities in Adobe Reader, QuickTime, Adobe Flash and Microsoft
    >     Office, it takes twice as long for security updates for these
    >     applications to be installed as it does to plug vulnerabilities in the
    >     operating system.
    >
    > The problem is, of course, that those apps have completely separate update
    > mechanisms from those of the underlying operating system.


    Exception: MS Office updates are integrated with the OS updates.

    > Hence a whole
    > separate set of manual steps to go through for updates. Wouldn't it be
    > simpler if there was a common package manager for everything installed in
    > your system? Then you could update it all with one command.


    A bigger issue IMO is that a lot of these third party updaters only
    work if you're logged in with admin rights. On desktops where users
    don't have those rights, they hardly ever get a chance to actually
    run. The alternative is for them all to install a service, but do you
    really want all of them to have their own update services.

    It would be cool if Windows Update / WSUS allowed for ISVs to hook
    into and provide updates to 3rd party apps using the same mechanism as
    MS uses (which work pretty well these days). Of course I don't really
    see MS wanting things to work that way, or really trusting other
    vendors to do things properly.

    --
    Cheers
    Anton
     
    AD., Sep 18, 2009
    #2
    1. Advertising

  3. In message <442e738e-8587-4cdf-
    >, AD. wrote:

    > It would be cool if Windows Update / WSUS allowed for ISVs to hook
    > into and provide updates to 3rd party apps using the same mechanism as
    > MS uses (which work pretty well these days). Of course I don't really
    > see MS wanting things to work that way, or really trusting other
    > vendors to do things properly.


    I believe Microsoft does offer ways for third parties to use its update
    mechanisms. But they can't be bothered, because being competing proprietary
    software companies, their agendas are always going to be at odds. They want
    to use their own installers so they can sneak extra crapware onto your
    machine (as Apple has done, for example), hijack file associations so
    clicking on a document opens their product, add custom nag notifications to
    try to persuade you to "upgrade", all that kind of thing.

    Unified package management only works in the Open Source world.
     
    Lawrence D'Oliveiro, Sep 19, 2009
    #3
  4. Lawrence D'Oliveiro

    Carnations Guest

    On Fri, 18 Sep 2009 03:34:14 -0700, AD. wrote:

    > It would be cool if Windows Update / WSUS allowed for ISVs to hook into
    > and provide updates to 3rd party apps using the same mechanism as MS
    > uses (which work pretty well these days). Of course I don't really see
    > MS wanting things to work that way, or really trusting other vendors to
    > do things properly.


    How would that help ordinary users at home?


    --
    "Filtering the Internet is like trying to boil the ocean"
     
    Carnations, Sep 19, 2009
    #4
  5. Lawrence D'Oliveiro

    Richard Guest

    Carnations wrote:
    > On Fri, 18 Sep 2009 03:34:14 -0700, AD. wrote:
    >
    >> It would be cool if Windows Update / WSUS allowed for ISVs to hook into
    >> and provide updates to 3rd party apps using the same mechanism as MS
    >> uses (which work pretty well these days). Of course I don't really see
    >> MS wanting things to work that way, or really trusting other vendors to
    >> do things properly.

    >
    > How would that help ordinary users at home?


    Not having several services running constantly to do updates for them
    would be a good start.
     
    Richard, Sep 19, 2009
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?SnVhbiBBbnRvbmlv?=

    Network connection priorities

    =?Utf-8?B?SnVhbiBBbnRvbmlv?=, Jul 4, 2005, in forum: Wireless Networking
    Replies:
    2
    Views:
    514
    Steve Winograd [MVP]
    Jul 5, 2005
  2. Phil
    Replies:
    1
    Views:
    485
    Andrey Tarasov
    May 22, 2004
  3. Kendal Emery

    OT Priorities

    Kendal Emery, Nov 13, 2003, in forum: MCSE
    Replies:
    2
    Views:
    473
    Politician Spock
    Nov 13, 2003
  4. COMSOLIT Messmer

    IT-Security, Security, e-security

    COMSOLIT Messmer, Sep 5, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    629
    COMSOLIT Messmer
    Sep 5, 2003
  5. Giuen
    Replies:
    0
    Views:
    1,062
    Giuen
    Sep 12, 2008
Loading...

Share This Page