Windows microsoft 7 understanding windows automatic updating
The security effort is driving towards the following: Driving major improvements in the area of patch and update management is a key aspect of the Trustworthy Computing initiative.In 2002, Microsoft formed an internal task force to identify opportunities for improving the software update and security update management process and technologies, and to drive those improvements.
It represents one of the first steps taken to help customers determine if an event is relevant to their environments, how and when to download and deploy the security updates, and how the software updates or security updates affect their overall IT infrastructures.Of the 90 percent of CSI/FBI survey respondents detecting computer security breaches within the last year, 80 percent acknowledged financial losses.Forty-four percent—those companies which could quantify the loss—reported $456 million in losses.About 85 percent of the survey’s participants detected viruses even though most had deployed firewalls (98 percent) and anti-virus technology (99 percent).These attacks on IT infrastructures take many forms, including theft of proprietary information, financial fraud, worms, viruses, and net abuse by employees.For systems and networks impacted by these events, the answer is generally ‘no’ or ‘not consistently.’” Forrester Research recently observed that for nine recent security exploits affecting Microsoft environments, on average, software patches were available weeks or months in advance of the worm/virus event.
CERT calculates the financial damage from these security intrusions worldwide at around $15 billion annually.
This cross-divisional team, the Patch Management Task Force, solicited feedback from all sizes of organizations across the world.
Based on this extensive customer engagement, the Patch Management Task Force distilled the input into four key areas of focus: Keeping IT professionals informed about software updates and security updates represents a crucial component to helping customers take the necessary and appropriate actions as they manage operational risks.
According to the Computer Security Institute (CSI), the results of the 2002 CSI/FBI Computer Crime and Security Survey indicate that “the threat from computer crime and other information security breaches continues unabated and the financial toll is mounting.” Ninety percent of the CSI/FBI survey’s respondents detected computer security breaches in 2002.
Of those security breaches, 95 percent occurred because of poor system configuration.
Consequently, ensuring that the latest software updates, particularly security updates, are applied quickly and consistently across the enterprise—small, medium, or large—has become an increasingly important part of that enterprise-wide system management and security program.