Loading user information from Channel 9

Something went wrong getting user information from Channel 9

Latest Achievement:

Loading user information from MSDN

Something went wrong getting user information from MSDN

Visual Studio Achievements

Latest Achievement:

Loading Visual Studio Achievements

Something went wrong getting the Visual Studio Achievements

Why Johnny Can't Patch: And What We Can Do About It

29 minutes, 50 seconds


Right click “Save as…”

Malware typically targets vulnerabilities that were fixed a long time ago. This only works because users are not installing security updates. We set out to find out who these users are, how many of them there are, and why they aren't patching. We found that unpatched users are prevalent, that patching levels vary significantly across applications and geographic regions, and that there are several contributing factors. This talk will present our findings and propose some potential solutions for these issues.

Follow the discussion

  • Oops, something didn't work.

    Getting subscription
    Subscribe to this conversation
  • BenBen

    I have a theory. Is patching based on the current internet bandwidth available? Like the BITS service to silently download in the background. Windows 7 updates bigger than XP updates?

  • BenBen

    Another idea is that patches installed on shutdown cause more issues? than when patches are installed on reboot? I noticed in windows 8, patches can only be installed on reboot, which is an excellent choice by the way.

  • BenBen

    Maybe change the retail price of Windows 7 and 8 to $100 or even $50 to help make XP and Vista users consider the option of upgrading/fresh install. You know, for those custom made computers from PC shops, that price is pushed to consumers. I think most users are not technical enough to handle an upgrade process and most are afraid of change. Maybe on the upgrade page, list the set of improvements in the security section, what is changed, and other common features. Also, have a tutorial on how to use their computer. For example, show them how to update their computer, show them the steps, have them go through the steps and only continue if they went through the steps. Also mention that some updates will require a reboot. Also, tell them to check once a week (for them to develop the habit) for updates.

  • BenBen

    You should also look at how many do not have the latest 5 patches, the latest 10 patches, etc. Do those numbers fluctuate or do they increase or decrease on a trend? If a trend, there should be a patch that is causing an issue.

Remove this comment

Remove this thread


Comments closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.