Roll up for the MS UK Win2k backdating updating system
We think maybe there's something they're not telling British businesses...
Attention British businesses! Are you serious about security? Well, of course you are, so try this little excursion along the Microsoft road to corporate security.
First, fish out one of those old Windows 2000 Professional distribution CDs you have, and do a fresh install. As you're a British business, remember to set your system locale to UK. Now, go and get a copy of Microsoft Baseline Security Analyzer. This, in case you weren't aware, is a handy free tool for checking for vulnerabilities on systems, and has the particular advantage (unlike Windows Update) of allowing you to download the patches and install them on multiple machines, rather than just the one. You can get it here. It's an approved Microsoft security tool, as opposed to a favoured one, so they'll kill it off some day, but it's handy for the moment. Install it, fire it up and scan.
Scary, eh? Obviously, rather than grab that little lot all in one go, it makes sense for you to grab the latest Service Pack and see how many of the vulnerabilities are hosed by installing that. So now we'll use Baseline Security Analyzer to find the Service Pack. Click on the "How to correct this" link next to one of the vulnerabilities, then on the Software Update Services link at the bottom of the page it takes you to. Next, click on downloads in the left hand panel, then Service Packs.
Nearly there? Er, not exactly. Click on the Windows 2000 link and you go through to "How to Obtain the Latest Windows 2000 Service Pack (UK Version)" - because you're in the UK, and Microsoft knows this, right? As you can see, it's all spiffily up to date here - you can get Windows 2000 Service Pack 3, and all the post-SP3 hotfixes as well. What's that we hear you say? Win2k SP4's been out for yonks?
Well, not in Microsoft UK land, apparently. But don't worry, as you see, the link to SP3 takes you straight through to an MS UK site 404 page anyway. You may now, if you like, start searching microsoft.com for a version of SP4 that you can download and install by hand, but we really don't advise it, given that Microsoft's ultra-helpful systems will keep kicking you over to what they think are the latest updates for your UK system. And yes, well-spotted, you don't actually need to install Baseline Security Analyzer to have Microsoft's search systems screw over a system set to the UK, but we shoved it in anyway because it's a logical route for your average security-conscious business to take, if they don't want to use Windows Update.
And the moral of this little exercise? Well, the minor moral is that you're clearly better off searching for things on microsoft.com with Google (win2k sp4 gets you this as first rank), but the major moral is as follows. Microsoft is, as we keep hearing, serious about security, and it's also very serious about automating its systems so that they magically, painlessly, helpfully keep your systems up to date. Microsoft, however, is demonstrably incapable (see above) of automating its own systems to the extent that the automation itself is up to date. Therefore, the more automated it all gets, the more likely things are to break, and the less likely it is that you'll be able to dig yourself out and fix it by hand.
But the next generation of software update services will be better, right? Honest... ®