On Sat, 30 Aug 2003 14:09:40 EDT, Joe Abley said:
> That won't save them when the time required to download the patch set is an order of magnitude greater than the mean time to infection.
This, in fact, is the single biggest thorn in our side at the moment. It's hard to adopt a pious "patch your broken box" attitude when the user can't get it patched without getting 0wned first...
> Seems to me that it would be far more effective to simply prohibit connection of machines without acceptable operating systems to the network. That would send a more appropriate message to the vendor, too (better than "don't bother to test before you release, we'll pay to clean up the resulting mess").
Given the Lion worm that hit Linux boxes, and the fact there's apparently a known remote-root (since fixed) for Apple's OSX, what operating systems would you consider "acceptable"?