[attrition] Errata - Auto Fail: Automatic Update Mechanism Failure
security curmudgeon
jericho at attrition.org
Thu Aug 27 03:59:39 UTC 2009
[We're sure there are a lot more incidents. If any come to mind, please
submit them to errata[at]attrition.org.]
http://attrition.org/errata/autofail.html
Auto Fail: Automatic Update Mechanism Failure
New update available! Click here to download now!
>From virus signature updates that identify competing products as a trojan,
to operating system updates that break core functionality, there has been
no shortage of quality control failures in updates released by vendors.
Many of these updates are delivered to the user's computer via automatic
update mechanisms. That means these problematic updates are delivered to
millions of computers quietly and efficiently, typically without user
interaction.
It's always welcome to see security bugs fixed or better rules released in
the products we use. But when the price of that fix is at best an
annoyance and at worst a complete system failure, we're not so sure it's
worth it. At the very least, users should be aware of the various types of
failures and the frequency with which they occur.
While mistakes happen to everyone, we'll leave it as an exercise to the
reader to notice any trends from repeat offenders.
[..]
More information about the attrition
mailing list