Critics: Microsoft's 'Friendly Worm' Is a Dumb Idea
Proposed method of deploying patches is swatted by industry experts

Microsoft researchers have posted a new paper that offers an interesting solution to the patch management problem: a friendly worm.
In a nutshell, the paper suggests that epidemiological, worm-like solutions might be used to automatically make security updates to users' machines without the user's involvement -- or even knowledge.
The proposal might go a long way toward solving IT departments' ongoing challenge of patching and re-patching machines as new vulnerabilities are found. There's only one problem, according to critics: It's dangerous.
"[It's] a stupid idea," said BT Counterpane security guru Bruce Schneier in his blog.
"Patching other people's machines without annoying them is good; patching other people's machines without their consent is not," Schneier said. "A worm is not 'bad' or 'good' depending on its payload. Viral propagation mechanisms are inherently bad, and giving them beneficial payloads doesn't make things better. A worm is no tool for any rational network administrator, regardless of intent."
— Tim Wilson, Site Editor, Dark Reading