Horror movies are so cliché. I think a new sub-genre devoted to the horde of software updaters you find on each PC would be much more compelling. It’s out of control today. As soon as Microsoft got their act together on security updates, the bad guys turned to third party apps. It’s bad enough for consumers (who are fed up - just google “software update HEdoublehockiesticks”) let alone enterprises.
In general each vendor produces a different updater for each product. A typical PC easily has:
· Updater for Adobe Air
· Updater for Adobe Flash Player
· Updater for Adobe Reader/Acrobat
· Updater for Adobe Shockwave Player
· Updater for Apple iTunes
· Updater for Apple QuickTime
· Updater for Oracle Java
· Updater for Mozilla Firefox
That doesn’t include updaters for hardware. I have one from Lenovo for the laptop itself and one from HP, just because I use an HP multi-function printer.
When you have a lot of PCs and they all try to download a 100mb update at the same time your network will suffer. To say nothing of the lack of control you have over whether users prevent important updates from being installed. In this age of APTs you can’t leave a single PC unpatched and vulnerable.
Enough ranting. I’m going to deal with this whole topic in my upcoming webinar “Stopping the Adobe, Apple and Java Software Updater Insanity”. I will share tips and caveats for dealing with the most common software updaters from Adobe, Apple and Oracle. But the bottom line is that we need centralized patch management and I’ll explore the important requirements and architectural issues you should be aware of in this space. Russ Ernst who will be joining me is a software update expert; his team at Lumension eat, sleep and breath software updates because they have package them all up and make them reliably deploy via their Patch and Remediation solution. I think you will be benefit from both of our presentations so please register now.