Reply to post: Re: Great analysis - thanks

Wannacry: Everything you still need to know because there were so many unanswered Qs

Chrisni

Re: Great analysis - thanks

The vast majority of affected systems were corporate, not personal systems. These end up being maintained by corporate IT departments, which usually don't automatically patch the desktops.

This is usually because they need to ensure that any patches released will not prevent software used by the company from working. They'd want to regression test it before rolling out the updates.

This all sounds reasonable to a degree, but you get cost-saving measures whereby corporate IT departments use a static patch deployment cycle of their own (maybe every 6 months) rather than every time an update is released. As such, security updates can go many months waiting to be deployed in corporate networks, increasing the level of vulnerability to pretty much every type of malware.

The solution to this is for corporations to change their procedures. Interim security patches like the March patch don't require batch regression testing as they might when a large feature patch is released.


Biting the hand that feeds IT © 1998–2019