• Patching as a social responsibility

    Posted on October 10, 2019 at 05:44 CDT by Comment in the Forums

    Mnnnnnffffffff…..

    Kirsty just pointed me to a post on the Microsoft Security Blog, from Mark Simos, Lead Cybersecurity Architect at Microsoft’s Cybersecurity Solutions Group.

    In the wake of the devastating (Not)Petya attack, Microsoft set out to understand why some customers weren’t applying cybersecurity hygiene, such as security patches, which would have helped mitigate this threat. We were particularly concerned with why patches hadn’t been applied, as they had been available for months and had already been used in the WannaCrypt worm—which clearly established a ”real and present danger.”

    I see two reasons why people don’t patch, over the long term:

    • They don’t know that they need to patch. Win7, for example, shipped with no automatic updates enabled. My Sainted Aunt Martha didn’t know she had to, you know, do anything with her PC other than play Mahjong.
    • They’ve seen (or heard about) the shoddy patches that have been pushed. Don’t get me started.

    Realize that the folks who got hit in the referenced cases hadn’t patched for many months — patches for Petya, (Not)Petya and WannaCry were released many, many months before the attacks hit. So it’s a long-term not-patching problem.

    I wrote to the Cyberhygiene@nist.gov address and said:

    You mean, of course, that it’s Microsoft’s social responsibility to deliver reliable patches. Yes?

    Here’s a  list of problems I’ve encountered in the last two years’ patches:
    Follow the links at the bottom.
    If I can help, drop a line.

    I’ll let you know if I get a response.

    Read the article, please, then tell me what you think here in the comments.

    Windows Patches/Security
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    April 2025
    S M T W T F S
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.