Retail PCs can reach customers without latest patches

IDG News Service - The excitement home buyers feel when taking a new PC out of its box can be short-lived if the machine is vulnerable to the swarm of viruses and worms on the Internet.

One senior administrator at a major research university recently endured a prolonged setup procedure with his new laptop. The administrator, who asked not to be identified due to the visibility of his position, purchased a laptop in May after encountering delays in obtaining the notebook, which was first introduced last March along with Intel Corp.'s Centrino technology.

After connecting the notebook to the Internet over a dial-up connection, the machine started crashing repeatedly in a sequence that looked eerily familiar to the administrator's experiences with the Blaster worm last August. Sure enough, a Google search quickly confirmed his diagnosis, setting the stage for a two-hour marathon download of Windows Update patches and the Blaster Worm Removal Tool from Symantec Corp.

Current PC users are constantly reminded about the need to download patches and operating system updates as soon as they are made available. But those users may not realize that a "new" PC might have been sitting in a warehouse for several months, and might lack the most recent patches required to keep it safe from viruses and worms.

To meet delivery deadlines, PCs bound for the retail market must have their operating systems frozen about three to four weeks prior to the date on which they are made available, said Jim Kahler, manager of consumer support for Hewlett-Packard Co.'s consumer PCs. With Microsoft Corp. releasing new security updates almost every month, there's no simple way to ensure that when a PC finally makes it to the user, that PC contains the latest updates required to secure the system, he said.

HP advises all buyers to activate the built-in firewall that comes with Windows XP prior to connecting the machine to the Internet, Kahler said. The next major update to the Windows operating system, Windows XP Service Pack 2, will help improve security by turning on the firewall as the default option on future releases of the operating system.

Toshiba Corp. ships every PC with documentation that urges customers to immediately visit the Windows Update Web site and download and install any software patches that the site identifies as missing on that PC, said Carl Pinto, director of product development.

Most of IBM's PC customers are businesses that have an IT staff member who makes sure each PC contains the necessary updates before passing it along to the user, said Clain Anderson, director of marketing for IBM's wireless and security solutions.