Security threats Toolkit

Microsoft concedes dial-up patch problem

Tags:
Security,
Microsoft

Ingrid Marson ZDNet.co.uk

Published: 14 Jun 2004 09:25 BST

Users need to do more about security prevention, but Microsoft admits that getting the latest update patch from the Web is not always easy for consumers connecting via dial-up links.

The conference, called the 20:20 Programme, is a Microsoft initiative to discuss Linux and open source. A recurring theme of the conference was that the Microsoft speakers kept neglecting the cost of securing Windows when comparing the relative cost of ownership of Windows and Linux systems.

Nick McGrath, head of platform strategy at Microsoft, said that the company had to educate users in basic system security issues: downloading the latest Microsoft security updates from the Web, using a firewall and keeping their antivirus software up-to-date. However, there's a catch.

The length of time it takes to download Microsoft updates can be prohibitive, said Barley. This is particularly a problem for the 67 percent of the UK population connecting to the Net via dial-up -- a problem that has forced Microsoft to start issuing its patches on CD-ROMs.

"Getting [Microsoft Update] downloads over dial-up can be horrendous," admitted Nick Barley, director of marketing at Microsoft.

Downloads are also little help to users logging onto the Internet for the first time. Graham Cluley, senior technology consultant at Sophos, points out that an unprotected computer can be infected with the worm within 10 minutes of first connecting to the Internet.

"The goal [at Microsoft] is to create a software-driven approach, rather than patching," said Barley.

Microsoft has little choice to but provide constant patches via the Web or CD-ROM, until it can design robust security into its operating system from the get-go. For that 'software-driven' approach, Microsoft says users will have to wait until the next version of the operating system, Longhorn.