Microsoft's new Baseline Sustained Engineering (Baseline SE) patching policy, announced earlier this week, could improve IT security for its customers by forcing developers to work to a standard process.
Patching is a growing issue for IT directors. Vendors release a steady stream to fix flaws in their software, but these are often difficult to install, and get ignored until the vendor releases a major patch.
Most hacks, and viruses such as Code Red, are successful because available patches are not installed. Microsoft hopes that its new policy will make it so easy to install updates that users will not be able to avoid patching.
Microsoft currently uses eight systems to distribute patches to customers. By the end of the year, these eight installer technologies will be cut to two: one for operating systems and one for applications.
Simon Conant, security programme manager at Microsoft, told vnunet.com that the development of Baseline SE is an effort to introduce quality and consistency to the patching process.
"Microsoft has 55,000 employees, which works out as a lot of developers and a lot of different departments working on different products," he said.
"As a result, the development of multiple technologies results in the development of multiple patching solutions.
"Sometimes it comes down to an individual developer what the command line or interface for a specific patching system looks like."
He explained that Microsoft had tried the "softly softly" approach of encouraging developers to comply to a standard, but felt that it had not worked and so introduced Baseline SE as official policy.
"The idea is to make patching so easy - to ultimately have one update system - that users can't avoid patching," said Conant.
The standard will also help IT managers cope with the common problem of version control. Companies are often unsure which patch should be applied to which version of software, or whether they should be applied in a specific order.
"Users will be able to manage and update different versions of software on their network using these tools much more easily," he said.
Ollie Whitehouse, director of architecture at security firm @stake, indicated that Baseline SE demonstrates that Microsoft is taking security seriously.
"Years ago there weren't as many vulnerabilities as today, so there wasn't the need to update as often," he explained.
"Arguably, this patch pushing process should have been introduced much earlier - the antivirus firms adopted the model five years ago - but Microsoft deserves to be congratulated.
"Knowing Microsoft, it will also make the interface for this patching system so easy to use that even non-technical users will have no issues with conflicts or version control."
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago