Larry Osterman's WebLog

Confessions of an Old Fogey
Blog - Title

Free security CD from Microsoft

Free security CD from Microsoft

  • Comments 12

This isn’t news, but it came up in a discussion in the comments section of my blog yesterday.

Microsoft offers a free CD that contains all the security patches for Windows XP, Windows ME, Windows 2000, Windows 98, and Windows 98SE up to February of this year.

You can order it here.

 

  • I ordered one back when the news first broke of its availability... it never came :~(
  • I got mine. Nothing you cannot get off Windows Update. And they left out all Server 2003 patches. Pass on this one.
  • heh. You can't order it unless you're using IE (broken javascript).
  • I never said there was something new about this.

    But it gives you a reliable way of getting all the patches for Windows without having to download them from the internet.

    And if you've got a machine on the internet without a firewall, this provides a way to get most of the patches without putting your unpatched machine on the web for hours at a time.

  • really great when your machine gets 0wned by something released since february. These things are coasters, outdated the day they are released.
  • I wonder why isn't the CD order-able in my country, Romania.
  • I don't know Sorin, my guess is that it's a localization issue.

    Matthew: Here's the thing. If you take an XP SP1 box and put it on the web, you've got to download like 40+M of patches before it's safe.

    If you install these patches and then go to WU, it's like 2M of patches before it's safe.

    Your changes are thus statistically better that you'll be able to get the patches downloaded to your machine before you get nailed with a worm.

    You're right that it's not the most up-to-date version of the patches. But it's a heck of a lot better than no patches at all.
  • Couldn't they put the CD for download (the whole CD, not just the individual packages scattered all over the site)? Then it would be easier to get it (and more up-to-date) for people with broadband or people who know someone with broadband.

    They could even use bittorrent.
  • The CD wouldn't be any smaller than the individual packages... But you're right, an ISO image might be an interesting idea.

    The CD's for people who don't have broadband afaict.
  • These security CDs also encourage (and automate) turning on the firewall as part of the install; that prevents all known worms from getting to you while you download the remainder of the security fixes online. Also, if you use the Windows Update site, it will download an "express" or binary delta from what you currently have; these are typically much, much smaller than the full network/standalone patch if you download from the Microsoft.com download center (the link in the security bulletins.)
  • Yeah, the CD wouldn't be smaller, but it would be in just a single easy-to-download file that you can burn and take to your friends' houses.

    Besides, to have broadband you need to have at least one computer with the OS already installed, which can cause a nice catch-22. Having a friend download the CD with the patches solves it nicely (and is much faster than ordering it from somewhere or trying to find the right individual packages). It'd be even better if the CD gets constantly updated (or has a separate smaller file with important updates since the last version).

    Of course, it would have to be one CD for each localized version of Windows. Which reminds me of one thing I always wanted to know... Why not putting string resources in separate files and having a single copy of the code? Like gettext()? It's too easy to end up with a mixed install, with some DLLs from the Brazilian version and some from the US English version.
  • Cesar,

    What a good idea :) Check out http://zdnet.com.com/2100-1104_2-1010051.html

    or: http://download.microsoft.com/download/1/8/f/18f8cee2-0b64-41f2-893d-a6f2295b40c8/TW04046_WINHEC2004.ppt (a ppt file)

    One of the features of Longhorn is called MUI, and it involves extracting all the localization information from a binary and splitting it into a separate file that can be replaced on-the-fly.


Page 1 of 1 (12 items)