Information, OpenSourceSoftware, Security

Why don’t people install security updates?

It just boggles me… Micro$oft released a extra ordinary security update MS08-067 October 23, 2008….

How come, that 2-3 months after, vital machines still gets infected?
Read here and here. (In Norwegian)

Some I talk to, claims that the risk of installing such a patch and having unstable servers etc, is a good reason to not patch… (Im clueless here, so please comment if you have insight to why some dont patch) In my world, not patching, is not an option…

Well, being a sysadmin for many years, I say upgrade… Do the least important machines first (or test/staging servers), moving on as you dont find any issues with the patch… Also.. If you cant trust your OS vendor…who can you trust? And install all updates, relevant or not… or else it will only come back and bite your ass…

When that said, the viruses that spread, have lots of angles to attack your machines. Brute forcing accounts, automatic updates to be even more up to date on new attack vectors, spread via portable media etc… This is not an easy task when you first get infected… so look at the risk installing the patch, and look at all the work that you have to go through cleaning all those systems… what is the cheapest… ?

To my defense, Im a sysadmin and a tax payer… so…
Nord-Trøndelag fylkeskommune and Helse Vest: Waste my tax money on being proactive.. not reactive 🙂


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s