Monday, November 12, 2007
Enterprise Architecture: Thoughts on Windows Update
Imagine what would happen if Microsoft bloggers actually read this blog entry where I commented on Microsoft Windows Update and decided to take action to make it better...
Have you ever thought for a moment why Microsoft platforms always get a bad rap? Sometimes it is well deserved in that their operating system wasn't built with security in mind. Of course they have initiatives around secure coding but it will be difficult at best while also attempting to maintain backward compatibility.
Anyway, half of the problems of the Microsoft platform aren't Microsoft's fault but are more about third party software running on top of it. If you were to look at your own desktop, you may realize that you have at least a dozen or so software products installed that Microsoft didn't create. Each of these products may have their own way of patching software, but the problem is that you probably have no clue that a patch even exists or where to find it.
The Windows Update platform could be the solution to this problem. By providing one place where users can find all the necessary security patches can help make the Windows operating system more secure. For the record, I am not asking Microsoft to provide hosting for the patches themselves as this would kill their bandwidth, but I am asking for them to help figure out ways for users to find them.
What if the folks at Microsoft provided MFC classes that allowed for Windows Update from the UI? What if the same MFC classes had hooks into the update code? What if the act of code signing an application also allowed for registration to the Windows update site?
Enterprises spend a lot of time on patch management where vendors such as Microsoft, Oracle and others are not only the problem but have the potential to become part of the solution. Think about how much money large enterprises spend simply patching things and then prioritize its importance. I think you get the picture....
| | View blog reactionsHave you ever thought for a moment why Microsoft platforms always get a bad rap? Sometimes it is well deserved in that their operating system wasn't built with security in mind. Of course they have initiatives around secure coding but it will be difficult at best while also attempting to maintain backward compatibility.
Anyway, half of the problems of the Microsoft platform aren't Microsoft's fault but are more about third party software running on top of it. If you were to look at your own desktop, you may realize that you have at least a dozen or so software products installed that Microsoft didn't create. Each of these products may have their own way of patching software, but the problem is that you probably have no clue that a patch even exists or where to find it.
The Windows Update platform could be the solution to this problem. By providing one place where users can find all the necessary security patches can help make the Windows operating system more secure. For the record, I am not asking Microsoft to provide hosting for the patches themselves as this would kill their bandwidth, but I am asking for them to help figure out ways for users to find them.
What if the folks at Microsoft provided MFC classes that allowed for Windows Update from the UI? What if the same MFC classes had hooks into the update code? What if the act of code signing an application also allowed for registration to the Windows update site?
Enterprises spend a lot of time on patch management where vendors such as Microsoft, Oracle and others are not only the problem but have the potential to become part of the solution. Think about how much money large enterprises spend simply patching things and then prioritize its importance. I think you get the picture....
