Systems and methods for shielding an identified vulnerability

US 20060185018A1
Filed: 02/17/2005
Published: 08/17/2006
Est. Priority Date: 02/17/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

identifying a vulnerability in at least one of a plurality of features of an application module; and

forming a communication for receipt by a plurality of clients to shield execution of the application module from the identified vulnerability, wherein the communication describes that the at least one said feature is to be disabled from execution in conjunction with the application module.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are described for shielding a vulnerability in an application through disablement of one or more features. In an implementation, a method includes identifying a vulnerability in at least one of a plurality of features for an application module. A communication is formed for receipt by a plurality of clients to shield execution of the application module from the identified vulnerability. The communication describes that the at least one feature is to be disabled from execution in conjunction with the application module.

Citations

20 Claims

1. A method comprising:
- identifying a vulnerability in at least one of a plurality of features of an application module; and
  
  forming a communication for receipt by a plurality of clients to shield execution of the application module from the identified vulnerability, wherein the communication describes that the at least one said feature is to be disabled from execution in conjunction with the application module.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A method as described in claim 1, wherein each said application module is selected from the group consisting of:
    - an operating system;
      
      a word processor;
      
      a browser;
      
      an instant messaging module;
      
      a spreadsheet application;
      
      a note-taking application;
      
      a photo-manipulation application;
      
      a game; and
      
      a presentation application.
  - 3. A method as described in claim 1, wherein the communication is not capable of curing the identified vulnerability.
  - 4. A method as described in claim 1, wherein the at least one said feature is provided by a plug-in module.
  - 5. A method as described in claim 1, wherein the communication:
    - causes a respective said client to disable the at least one said feature; and
      
      includes a notification for output by the respective said client which;
      
      describes the vulnerability; and
      
      provides functionality to enable the at least one said feature after the at least one said feature has been disabled.
  - 6. A method as described in claim 1, wherein the communication causes a respective said client to disable the at least one said feature automatically and without user intervention.
  - 7. A method as described in claim 1, further comprising examining a policy which describes a relative degree of compliance that the client is to utilize when applying the communication.
  - 8. A method as described in claim 1, further comprising forming another communication for transfer over the network to cure the identified vulnerability and to enable the at least one said feature.

9. A method comprising:
- determining that a vulnerability exists in at least one of a plurality of features for a particular version of an application module; and
  
  forming a communication for transfer over a network to each of a plurality of clients having the particular version of the application module, wherein the communication describes a feature to be disabled that shields execution of the application module from the vulnerability.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. A method as described in claim 9, wherein the communication is not capable of curing the vulnerability.
  - 11. A method as described in claim 9, wherein the application module is selected from the group consisting of:
    - an operating system;
      
      a word processor;
      
      a browser;
      
      an instant messaging module;
      
      a spreadsheet application;
      
      a note-taking application;
      
      a photo-manipulation application;
      
      a game; and
      
      a presentation application.
  - 12. A method as described in claim 9, wherein the feature is provided by a plug-in module.
  - 13. A method as described in claim 9, wherein the communication:
    - causes a respective said client to disable the feature automatically and without user intervention; and
      
      includes a notification for output by the respective said client which;
      
      describes the vulnerability; and
      
      provides functionality to enable the feature after the feature has been automatically disabled.
  - 14. A method as described in claim 9, further comprising examining a policy which describes a relative degree of compliance that the client is to apply in response to the communication.
  - 15. A method as described in claim 9, further comprising forming another communication for transfer over the network to cure the vulnerability and to enable the feature.

16. A method comprising:
- receiving a communication at a client from over a network which identifies at least one of a plurality of features to be disabled from execution in conjunction with an application module due to an identified vulnerability; and
  
  examining a policy which describes a relative degree of compliance that the client is to utilize in response to the communication.
- View Dependent Claims (17, 18, 19, 20)
- - 17. A method as described in claim 16, wherein the policy is based on a license agreement involving execution of the application module on the client.
  - 18. A method as described in claim 16, wherein the policy is specified at the client by a user of the client.
  - 19. A method as described in claim 16, wherein the policy is specified by a network administrator for a plurality of said clients.
  - 20. A method as described in claim 16, wherein the relative degree includes automatically disabling the at least one feature or outputting a notification that describes the identified vulnerability.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Rigas, Leonidas E., Rader, Walter B., Saretto, Cesare John, Badh, Ranjib S., Paradise, Paul M.

Application Number

US11/060,211
Publication Number

US 20060185018A1
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

G06F 21/577 Assessing vulnerabilities a...

Systems and methods for shielding an identified vulnerability

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for shielding an identified vulnerability

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links