Third party developers blamed for Windows security woes

Failure to apply third-party patches rather than updates from Microsoft is "almost exclusively" responsible for the growing exposure of Windows machines to security threats, according to Secunia. Stats from users of Secunia's patch management scanning tool report that, on average, less than 2 per cent of Microsoft programs are …

COMMENTS

This topic is closed for new posts.


Vic

sudo yum update

...For the yum users amongst us.

Vic.

2
0
Linux

up2date -u

For those still running RHEL 4

1
0
Joke

Right click

loads of little icons next to the clock in the bottom right and click check for updates, or whatever it might be for that software then....

visit about 300 websites and download latest versions. Uninstall old versions (if possible), install new versions over the next 4 hours, rebooting occasionally.

fix the inevitable 4 BSODs you are going to get

Easy!

2
0

Application auto-updaters...

Are a pain. I work supporting a smaller retail retailer and have disabled as many auto-updaters as I can. The people working on these machines don't need to be bothered by balloon messages appearing in the notification area. It breaks their train of thought and disrupts the flow of dealing with the customer when they stop to read that Adobe Updater will now check for updates.

So, I've made the machines as lean as possible when it comes to applications - only what's needed to get the job done, and those applications are updated weekly. No iTunes (really! the bosses were using the POS computers to load their iPods!), Real Player or Acrobat (Foxit works fine for what we do).

It bothers me that when I put in an updated version of an application the auto-updater gets re-enabled. I specifically disabled it, why can't my configuration settings be saved? Can't they ask me before assuming that I want it turned on?

They don't let you choose the time to update, unlike Windows update and anti-virus products. Maybe if they did, I would be more inclined to use them.

And yes, it is handy that Secunia has a tool for this. Funny how they managed to bring this to our attention. Nice of them, I guess.

0
0
Silver badge
Grenade

It isn't fair

So basically, each time Microsoft create a new version of Windows, they have to try and make their end bulletproof and also try to protect users from the lousy programmers who created crap code and don't bother updating it when a vulnerability is being abused.

No wonder MS have such a tough time when Adobe and QuickTime can constantly update but not fix flaws people will then blame MS for.

1
4

MS...

Microsoft ought to provide a unified patching framework like every other OS on the planet. Keeping track of the updates for each individual piece of software is such a pain. Updating through Synaptic on Ubuntu, for instance, is so much easier - almost a pleasant experience.

1
0

I like Secunia's program scanner and the ease with which they

point you to the right updates for the respective programs.

That doesn't mean I don't recognize this press release for the propaganda that it is.

I wouldn't trust MS to be the central source for updating. I like the idea of MS adapting one of the Linux Tools to support centralized updates for Third Party apps. I would not object to them keeping the MS updater separate from the adapted Linux updater. As I see it the only problem with this route is MS has no idea how to monetize the solution.

0
0
FAIL

Still MS at fault

The reason for this is that MS has no central update mechanism that third parties can hook into, and if every individual app vendor provides their own separate update system the system will quickly get bogged down in bloat.

The Debian system of repositories solves this problem nicely, but MS simply refuse to implement anything similar.

2
0
FAIL

Elephant in the Room...

Third party programs they may be, but they are only as insecure as *Microsoft's* operating system *allows* them to be.

Fail... at moving the spotlight off Microsoft, even if they were only trying to do it to sell their own services.

3
0
Silver badge

When is Windows secure, even without third-party tools?

This isn't about whether Windows is secure. It is about whether a Windows system has had all the relevant available security patches applied. That is not the same thing. Windows with all patches in place still isn't secure: there are unpatched vulnerabilities. Each patch that you install represents Windows not being secure before you did that, and there's a handful of known outstanding insecurities that will be patched either some time in the future, or never. So 100% of Windows systems are non-secure BEFORE you consider Adobe Reader X and Flash updates, for third-party programs which are probably on the computer when you buy it, and Java, which probably isn't.

I'm not sure, but I think Java checks for updates by default once a month, Adobe Reader something similar, and Adobe Flash sometimes announces at bootup that you should download its new version - I don't recall seeing notification of this at other times.

1
0

A lot of the arguing on this thread seems to be along the lines:

"I have never been outside the MS-Windows environment and so have never experienced seamless package management as a system built-in function, therefore cannot conceive how such a thing could possibly work so it must not be possible."

The answer is, of course: in the outside world, package management via a single central program has been the norm for longer than Windows has had a version number greater than 3.1.

Yes, you do get the odd proprietary supplier who, coming across from the MS world, simply DOESN'T GET IT, but they tend to spend all their time whinging that no-one in the non-MS space is taking them seriously. Linux/BSD/etc. users have better things to do with their time than piss around with manual installs and updates, so a product has to be pretty damned compelling to get them to bother.

6
0
Paris Hilton

QC?

What QC?

0
0
Boffin

Secunia's Results May be Skewed

I don't know if others share my logic, but I run Windoze Update and then PSI, in that order, thus ensuring that PSI always finds Windoze is current whilst other applications may need updating. I do it this way because, when PSI notes a needed update to Windoze or Office, it links to the Windoze Update site and I end up running Micro$oft's search anyway; might as well run it first.

I assume that there is a legal reason for Secunia's choice of links, but their choice drives my choice of scanning order, and thus skews their results in my case.

Who else has noted this and altered their behavior accordingly?

Lance ==)----------------

0
0


Biting the hand that feeds IT © 1998–2018