Patrick W. Gilmore wrote: [.]]
That said, the majority of compromised computers do run some flavor of Redmond-Ware. (One can argue about the underlying cause - market share, quality of software, virus writer's preference, whatever - but the fact still stands that most compromised computers run Windows.) So getting a "windows update sandbox" would be very useful.
You want to have a look at: http://technet.microsoft.com/en-us/wsus/ 8<---------------------------------------------------------------- Microsoft Windows Server Update Services Microsoft Windows Server Update Services (WSUS) enables information technology administrators to deploy the latest Microsoft product updates to computers running the Windows operating system. By using WSUS, administrators can fully manage the distribution of updates that are released through Microsoft Update to computers in their network. ----------------------------------------------------------------->8 Which is used in large organizations to deploy patches with ease. Requires some AD mumbojumbo of course. Really the information is out there, google knows, so can you :) Greets, Jeroen