By Kimberly Hill -
Microsoft's new policy of limiting Windows updates to users who have authenticated their copies of its software may create new problems, some observers say, because unauthorized -- but vulnerable -- copies of the OS will not get patched and could help spread viruses.
The expansion of Microsoft's Windows Genuine Advantage program, announced this week, presents some security concerns regarding fast-spreading worms and viruses on the Internet.
Beginning in February, the company will require users of Windows XP in Norwegian, Czech and Simplified Chinese languages to participate in the pilot program, which verifies the authenticity of a copy of Windows before releasing any updates to it.
But many wonder whether this move will affect the ability of users to block harmful viruses and malware, especially in those countries where pirated software is ubiquitous. "If they withhold security updates so that all users not having a valid license can't get updates, it would significantly impact the general security of the Internet," Thomas Kristensen, CTO of security firm Secunia , told NewsFactor.
Global Push
All told, versions of Windows in 20 languages will be affected by the policy change, according to Microsoft. But only those using Windows in the Norwegian, Czech and Simplified Chinese languages will be required to participate now. Other users will be given the opportunity to opt-in to the program, as users of Windows XP in English have been able to do since last fall.
However, in the second half of 2005, visitors to Microsoft's download center and Windows update area of its Web site will be required to demonstrate that they have a valid license to their software before accessing any content.
For the time being, says Microsoft, it will continue to offer security updates in its automatic updates to Windows. Many users, though, have that feature disabled in their software.
Global Hacking
Although the program certainly is understandable from Microsoft's point of view -- some estimates pin the proportion of pirated software worldwide as over one-third of that currently in use -- it is "of concern to the Internet as a whole," said Kristensen.
Some countries have a history of unscrupulous hardware resellers distributing mass numbers of pirated copies of Windows. In those countries, Kristensen explained, networks and individual computers running that software -- without security updates -- would be prime targets through which hackers could launch Trojan code that could, in turn, allow them access to systems in more traditional hacking target countries in Europe and North America.
"Eventually, we will have a very large group of the population in those countries that have systems that can't be updated any more," he noted. "That just raises the number of machines you could abuse for these kinds of things."
Source: Enterprise Security Today
Leave a comment