A Default to Safety | eWeek

A Default to Safety

Écrit par
eWEEK EDITORS
eWEEK EDITORS
Sep 1, 2003
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

August truly deserved the description “the dog days of summer” this year, at least regarding Internet security. The month was easily one of the worst ever in terms of the spread of worms and viruses, with Blaster and SoBig.F dominating headlines. Ideally, code from vendors such as Microsoft would be perfectly secure, and it would be impossible to write viruses—but that wont happen any time soon. Perhaps the talented coders who write these viruses and worms will get a life and decide to do something productive, but we dont hold out much hope for that, either.

Maybe users will pay attention to their systems and patch holes when they become known or at least use workarounds to prevent their systems from being exploited by viruses and worms. But after writing countless articles on how to secure systems and listening to the trials of our readers when they try to get users to patch and secure their systems, we can safely say that some people will never take responsibility for system security.

Thats why we are glad to hear that Microsoft is considering changing its Automatic Update feature, which is available in Windows XP, so that by default it will automatically download and install patches as needed. We appreciate that this will not be the case for enterprise users, who can end up with unforeseen problems with some patches. The default Automatic Update setting is intended only for home and small-business users.

In a recent conversation with Steve Lipner, director of security engineering strategy at Microsoft, we were also glad to hear that the Automatic Update default setting will not be mandatory. Users will still have the option to disable automatic updating. According to Lipner, Microsoft is still refining its plans. He said the company is considering deploying the revised Automatic Update in a service pack.

We believe making automatic updating the default setting for home users is a step toward reducing the spread of viruses and worms, although it will not be a cure-all. While the effect of Blaster would have been greatly lessened by the revised Automatic Update, the feature would have had no effect on the spread of the SoBig virus. Microsoft must be careful in implementing automatic updating. It must avoid changing user licensing agreements in updates, where a user never gets a chance to click on OK. This would lower trust in Microsoft at a time when it needs to gain trust.

Microsoft should also immediately triple the amount of testing of patches before they are released to the public. If automatic updating becomes a default setting, any patch that causes more damage than it fixes could be more devastating than any virus for users and could severely reduce Microsofts chance of gaining their trust.

Send your responses to eWEEK@ziffdavis.com.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.