
95 Of Every 100 Windows PCs Miss Security Updates

An anonymous reader writes "From Computerworld today: 'Nearly all Windows computers are likely running at least one unpatched application and about four out of every ten contain 11 or more vulnerable-to-attack programs, a vulnerability tracking company said today.' The new data comes from Secunia's free security-patch scanner, the Secunia PSI. The complete data run-down is available here."
  • by Anonymous Coward on Thursday January 10, 2008 @07:31PM (#21992572)
    So the point isn't about Windows... the point is about users.
  • I'm not shocked (Score:3, Insightful)

    by Nero Nimbus ( 1104415 ) on Thursday January 10, 2008 @07:35PM (#21992616)
    This isn't really surprising, given that most people treat computers like just another appliance. Then again, not every piece of software alerts you when a new version comes out, so actually keeping 100% of all software on the box current is harder for Windows than, say, Ubuntu.
  • Is that... (Score:3, Insightful)

    by 15Bit ( 940730 ) on Thursday January 10, 2008 @07:40PM (#21992684)
    ...just the legit licensed ones they're talking about or *all* Windows PC's?
  • Re-think (Score:0, Insightful)

    by Anonymous Coward on Thursday January 10, 2008 @07:42PM (#21992702)

    This kind of data ought to prompt serious developers to drastically re-think the current desktop security paradigm. Whether it's Windows, Mac OS or Linux, the premise is that the software will frequently prove insecure or deficient and regular updates are required. We expect users to OK these updates and wait for them to take place.

    Obviously 95% of people aren't doing this, so what do we change to fix that? We need to have some combination of the following:


    • Less updates
    • Less security holes
    • Smaller updates
    • Less user intervention

    Personally I think the ideal solution would be to first lock the desktop down. Nothing listens on any ports, ever, unless the user downloads and installs something new. Strip out relatively unused functionality, because it's not worth the security tradeoff. No more Internet Explorers: the specific people responsible for fuck-ups so disastrous and far-reaching ought to be named, shamed, and unemployed. The same goes for the clown responsible for Ubuntu storing the root password in plain-text during installation, if you're concerned about balance.


    I know this is all a pipe-dream, and nothing will ever change. What I secretly wish for is for something on the scale of the Storm Worm, only more malicious and destructive. If somebody gives the public something serious, like a computing 9/11... I don't know... Wipe all their stupid mp3s and photos or something. Really drive it home into the public consciousness. Maybe then they'll understand that the internet is serious business. Also I'm drunk, which if Taco had the slightest clue what he was fucking doing in Perl, would mean an automatic +1 Drunk post score bonus. Fuck you Rob, all this fucking JavaScript has ruined Slashdot for me.

  • Re:Is that... (Score:5, Insightful)

    by Qzukk ( 229616 ) on Thursday January 10, 2008 @07:44PM (#21992746) Journal
    Nah, it's the ones where people did the smart thing: they set up automatic updates, they set up a non-privileged user that they use every day... then they never logged back in as Administrator to click "ok" on the service pack 2 license.
  • by Freaky Spook ( 811861 ) on Thursday January 10, 2008 @07:49PM (#21992816)

    When I look at people's computers these days they have heaps of different software popping up asking for updates, it's got to a point where people ignore it, because it's much too common.

    The thing that annoys me most about update alerts is they never give you a reason why the software should be updated. It would be nice if they would give you a link or a summary of simple reasons why you need to actually update their free crapware.

    Java and Adobe products are probably the worst with this.
  • duhhhh.... (Score:4, Insightful)

    by debatem1 ( 1087307 ) on Thursday January 10, 2008 @07:56PM (#21992912)
    Anybody who is remotely worried about security is probably not going to download a tool that reports your security status to another organization.
  • by Naughty Bob ( 1004174 ) on Thursday January 10, 2008 @08:02PM (#21992970)
    Agreed it's a PEBKAC, pretty much the only predictable thing when designing software is the likelihood of humans, with all their crazy ways, using it. That's why this story is really about how effectively software producers anticipate, discourage, and otherwise strive to design out situations like the one described. MS may be evil, but it's not the point here for sure. The point is that they don't take a cogent, cohesive view of the whole social engineering side of their business.
  • by Anonymous Coward on Thursday January 10, 2008 @08:07PM (#21993038)
    Bah, I'd say even of those 'in the know' 95% are jaded cynics like me who have never and will never believe Windows to be magically secure after an update and really can't be bothered patching. Would it matter in the slightest if everyone patched themselves anyway? Exploits in Windows are a dime a dozen, I just make sure to have a secure connection, avoid IE and block scripts by default, keep my AV and spyware removal tools varied and up to date and completely ignore Windows service patches.
  • by VGPowerlord ( 621254 ) on Thursday January 10, 2008 @08:14PM (#21993122)
    Mac users don't get annoyed by the bouncing icon?
    Ubuntu users don't get annoyed by the yellow box that pops up about system updates?

    You'd think that update systems that get on people's nerves would actually make them update...
  • by smist08 ( 1059006 ) on Thursday January 10, 2008 @08:54PM (#21993538)
    Many people have a bad impression of updates. They know for sure that updates slow down the computer and they know for sure that updates have previously broken things. So you have a choice: 1. Install something that will degrade your computer (possibly making parts of it unusable) or 2. Don't install it and just hope that you don't open a bad email or something, after all practically speaking viruses and trojans are quite rare.
  • by WoodstockJeff ( 568111 ) on Thursday January 10, 2008 @09:36PM (#21993920) Homepage

    ... Windows Update tells me that the only update I need is "Windows Genuine Advantage", which I don't want, anyway. No other updates needed, since Microsoft told me that WGA wasn't necessary to get security updates... just "new features".

    Yeah, right....

  • by WillAffleckUW ( 858324 ) on Thursday January 10, 2008 @09:46PM (#21993998) Homepage Journal
    We in dual-boot land call them "driver downgrades".

    Just look at the "fixes" in MS Office 2003 in the last SP.

    Those removed the ability to open older spreadsheet formats we still have data stored in, so we had to roll them back.

    And most of the fixes were already done when we switched to the more secure Firefox as our default browser and got rid of all Outlook instances.
  • by swimin ( 828756 ) on Thursday January 10, 2008 @11:25PM (#21994768)
    Please look up gtksudo.
