Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: Offline Microsoft Patching - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Offline Microsoft Patching

Heise brings us "Offline Update 3.0" to do offline installations of Microsoft patches.

Read more about it at:

Now this is a great concept. You can actually make a DVD to install the patches before you connect a PC (that's out of date on patches) to the Internet. If you think you can safely do that without this tool, take a second and think it through knowing that some of your friends needing a house call might have a USB connected DSL or cable modem and therefore not be using NAT, next take a look at the survival time and think how long it takes to get a windows system from original media to a fully patched status.

So, if you're going to visit parents, family or friends over the holidays, start your preparation now and make that disk today to take along. It'll improve the obligatory "Could you take a look at our computer while you're here?" response time dramatically and gives you a safe way to reinstall systems without a hardware based firewall.

If you have networks that you do not want to connect to the Internet cause the risks involved of doing that are just too big for the sensitivity of the involved data this might also become a way to patch those off-line machines.

Swa Frantzen -- Section 66


760 Posts
Dec 12th 2006

Sign Up for Free or Log In to start participating in the conversation!