Feb 01, 2010

Windows pirates encouraged to install security patches
10:17 AM

Microsoft has long had a policy of giving Windows pirates a free pass to download security patches. Yet many of the tens of millions of Windows pirates worldwide may not be aware of this policy, nor trust that Microsoft won't try to somehow penalize them, says Charles Wisniewski, security analyst at Sophos.

"I preach that users should trust Redmond for their word on this one, and that infected pirated copies of Windows are not doing anyone any good, especially Microsoft," says Wisniewski. "It hurts their reputation and, piracy or not, people should feel obligated to do their part for a safer Internet."

This is especially true in the wake of the Google-China affair. Attackers used a freshly discovered security hole in Windows Internet Explorer to hack into Google and dozens of other tech, financial and media corporations. Microsoft has since issued an emergency patch. But if tens of millions PC owners who are using pirated copies of Windows never patch that will make it easier for similar attacks to proliferate, security experts say.

Meanwhile, Steve Ragan, security editor at The Tech Herald, has conducted an extensive examination of how Google and the other corporations got breached via the Windows IE flaw. Ragan's bottom line: there's more circumstantial evidence pointing to a conventional attack by profit-minded data thieves, than to a Chinese-government-backed operation.

Either way, it is more important than ever for all PC users, including Windows pirates, to stay current on their security patches, security experts say. Microsoft spokesperson Jill Lovato supplied these written answers to Technology Live's questions about Microsoft's patch amnesty program.

TL: What percentage of Windows users worldwide are using pirated copies of Windows?

Microsoft: Our research shows that up to a third of customers worldwide may be running counterfeit copies of Windows.

TL: Can you confirm the estimate that 90% of Chinese PC owners use pirated copies of Windows?

Microsoft: We don't provide numbers broken down by region; as our research indicates, the total number worldwide is up to one third, so piracy is clearly a serious global problem.

TL: When did Microsoft begin making security patches available to users of pirated copies of Windows?

Microsoft: We've always made security updates available to all customers. Making security updates more broadly available helps to prevent the spread of malware and to fight cyber crime.

TL: How do users of pirated copies of Windows go about getting security patches?

Microsoft: Customers with non-genuine copies of Windows receive updates through Windows Update or the Download Center, just like other customers.

TL: How many users of pirated copies of Windows stay current on their security patches? Is it less than 10%. Less than 5%?

Microsoft: We don't have specific numbers to share on this topic.

TL: What assurance do Windows pirates have that Microsoft won't try to somehow penalize them when they download security patches?

Microsoft: We like to work with customers who have non-genuine copies of Windows, and at the same time work to improve the overall health of the Internet by fighting malware. We will continue this path of constructive engagement with our customers.

http://content.usatoday.com/communities ... -updates/1