Behind the Window Update Scenes. From vulnerability to patch.

Presented at ZeroNights 2011 by

This talk shows how the various Microsoft programs aimed at working with security researchers and vulnerability brokers operate: how vulnerability data is accepted and processed, how vulnerabilities are verified, examined for variations, and classified, and how the decision on what to do next with each vulnerability is made. Testing of the resulting patches is also covered. You will learn why patches are released monthly. We will then talk about delivering stable updates to more than a billion systems on the planet. The most frequent ways exploits appear in the first 30 days after a patch release will be shown. The talk also explains how Microsoft exchanges data with security partners so that they can protect customers who do not have time to update during the first month, by means of updates to IDS/IPS and antivirus products. The influence of 0-day vulnerabilities on the overall security landscape of Microsoft products is covered as well. All the data in the talk was gathered from 600 million PCs in 117 countries.