Feeds

Roll up for the MS UK Win2k backdating updating system

We think maybe there's something they're not telling British businesses...

  • alert
  • submit to reddit

Boost IT visibility and business value

Attention British businesses! Are you serious about security? Well, of course you are, so try this little excursion along the Microsoft road to corporate security.

First, fish out one of those old Windows 2000 Professional distribution CDs you have, and do a fresh install. As you're a British business, remember to set your system locale to UK. Now, go and get a copy of Microsoft Baseline Security Analyzer. This, in case you weren't aware, is a handy free tool for checking for vulnerabilities on systems, and has the particular advantage (unlike Windows Update) of allowing you to download the patches and install them on multiple machines, rather than just the one. You can get it here. It's an approved Microsoft security tool, as opposed to a favoured one, so they'll kill it off some day, but it's handy for the moment. Install it, fire it up and scan.

Scary, eh? Obviously, rather than grab that little lot all in one go, it makes sense for you to grab the latest Service Pack and see how many of the vulnerabilities are hosed by installing that. So now we'll use Baseline Security Analyzer to find the Service Pack. Click on the "How to correct this" link next to one of the vulnerabilities, then on the Software Update Services link at the bottom of the page it takes you to. Next, click on downloads in the left hand panel, then Service Packs.

Nearly there? Er, not exactly. Click on the Windows 2000 link and you go through to "How to Obtain the Latest Windows 2000 Service Pack (UK Version)" - because you're in the UK, and Microsoft knows this, right? As you can see, it's all spiffily up to date here - you can get Windows 2000 Service Pack 3, and all the post-SP3 hotfixes as well. What's that we hear you say? Win2k SP4's been out for yonks?

Well, not in Microsoft UK land, apparently. But don't worry, as you see, the link to SP3 takes you straight through to an MS UK site 404 page anyway. You may now, if you like, start searching microsoft.com for a version of SP4 that you can download and install by hand, but we really don't advise it, given that Microsoft's ultra-helpful systems will keep kicking you over to what they think are the latest updates for your UK system. And yes, well-spotted, you don't actually need to install Baseline Security Analyzer to have Microsoft's search systems screw over a system set to the UK, but we shoved it in anyway because it's a logical route for your average security-conscious business to take, if they don't want to use Windows Update.

And the moral of this little exercise? Well, the minor moral is that you're clearly better off searching for things on microsoft.com with Google (win2k sp4 gets you this as first rank), but the major moral is as follows. Microsoft is, as we keep hearing, serious about security, and it's also very serious about automating its systems so that they magically, painlessly, helpfully keep your systems up to date. Microsoft, however, is demonstrably incapable (see above) of automating its own systems to the extent that the automation itself is up to date. Therefore, the more automated it all gets, the more likely things are to break, and the less likely it is that you'll be able to dig yourself out and fix it by hand.

But the next generation of software update services will be better, right? Honest... ®

Application security programs and practises

More from The Register

next story
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Do YOU work at Microsoft? Um. Are you SURE about that?
Nokia and marketing types first to get the bullet, says report
Microsoft takes on Chromebook with low-cost Windows laptops
Redmond's chief salesman: We're taking 'hard' decisions
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
EU dons gloves, pokes Google's deals with Android mobe makers
El Reg cops a squint at investigatory letters
Chrome browser has been DRAINING PC batteries for YEARS
Google is only now fixing ancient, energy-sapping bug
Big Blue Apple: IBM to sell iPads, iPhones to enterprises
iOS/2 gear loaded with apps for big biz ... uh oh BlackBerry
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.