Roger's Security Blog

As Chief Security Advisor of Microsoft EMEA - lets share interesting security information

98% unpatched – and I am one of them :(

98% unpatched – and I am one of them :(

  • Comments 4
  • Likes

Well, you saw my post earlier this week on the 1.96% of PCs being updated according to Secuina. Well, as time does, I decided to install this tool as well to look at it. I did an initial scan on my home PC and this was the outcome:

 

Outch, this hurts my soul but shows as well the problem: I definitely have all our software updated and with must of the solutions above, I have the updates switched on (except Apple, where I switched it off when they wanted to install Safari as an update :()

But honestly, the tool is pretty cool. If you switch to advanced mode, you even get pretty detailed information:

 

So, this makes me really think. This is a PC which I really look after and keep it updated. Nevertheless I seem to have failed.

This shows me the fundamental problem: If I am not able to keep it up to date, how shall my Mom and Dad? The Secunia Personal Software Inspector helps a little bit but I am nut sure whether my parents are able to handle it. So, what we are basically missing is a central point and mechanism to distribute security updates. But who controls this channel? Who ensures that no criminal can get access to it? That no viruses are distributed?

Still a long way to go…

Roger

P.S: Do not even try to attack my PC based on these vulns – they are closed in the meantime

Comments
  • <p>this need to be done by the feds! &nbsp;I'm almost giving up on home users they have no chance to fight these things. &nbsp;Now a corporation has a slim chance but you need to be running the fdcc setup with many external layers of protection.</p>

  • <p>I agree Roger.</p> <p>This tool is pretty cool but can be very complicated for home users.</p> <p>Microsoft has very important feature &quot;Auto Update&quot;, if it use properly, home users can protect them self from OS vulnerabilities but i have seen lot of people disabling that as well.</p> <p>Shoaib</p>

  • <p>Separated Communication, Processing and Storage functionality is the best way to guarantee Security and optionally Privacy. A presentation of an operational low-cost PC-based (research) system in which this function separation is implemented can be found by searching for the keyword &quot;quantum&quot; on the link <a rel="nofollow" target="_new" href="http://www.swissitpro.ch">http://www.swissitpro.ch</a></p>

  • <p>You know that we release our Security Intelligence Report twice an year: Today Version 6 is due. Let</p>

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment