METHOD AND APPARATUS FOR SECURING A COMPUTER
First Claim
1. A computer system arranged to run at least one user-oriented operating system on which a plurality of user-oriented applications may run, the computer system being further arranged to run a secondary program supporting environment;
- wherein the computer system is arranged to run within the secondary program supporting environment an agent program or programs operable to communicate with one or more remote servers to obtain security patches associated with the user-oriented operating system and/or the user-oriented applications and wherein the computer system is configured to apply any security patches obtained by the agent program or programs prior to the user-oriented operating system setting up a network connection on boot up of the user-oriented operating system or prior to permitting certain specified user-oriented applications running on the user-oriented operating system from using a network connection.
1 Assignment
0 Petitions
Accused Products
Abstract
A computer system (100) is arranged to run at east one user-oriented operating system (153) (e.g. Windows, LINUX, etc.) on which a plurality of user-oriented applications (152) (e.g. Word processor, web browser, spreadsheet application, etc.) may run, the computer system being further arranged to run a secondary program supporting environment (154), (155) (e.g. computer BIOS, Hypervisor, basic LINUX operating system micro-kernel, etc.). The computer system (100) is arranged to run the secondary program supporting environment (154), when the main user-oriented operating system is not miming in either or both of the following situations: prior to loading the main operating system at boot-up time of the system or when a user wishes to log back into his/her operating system after having previously logged out or having been logged out automatically and/or during a sleep mode of the computer system. The computer system (100) is arranged to run within the secondary program supporting environment an agent program or programs (157), (158) which are operable to communicate with one or more remote servers (300) to obtain security patches associated with the user-oriented operating system and/or the user-oriented applications.
26 Citations
8 Claims
-
1. A computer system arranged to run at least one user-oriented operating system on which a plurality of user-oriented applications may run, the computer system being further arranged to run a secondary program supporting environment;
- wherein the computer system is arranged to run within the secondary program supporting environment an agent program or programs operable to communicate with one or more remote servers to obtain security patches associated with the user-oriented operating system and/or the user-oriented applications and wherein the computer system is configured to apply any security patches obtained by the agent program or programs prior to the user-oriented operating system setting up a network connection on boot up of the user-oriented operating system or prior to permitting certain specified user-oriented applications running on the user-oriented operating system from using a network connection.
- View Dependent Claims (2, 3, 4, 5)
-
6. A method of updating a computer system arranged to run at least one user-oriented operating system on which a plurality of user-oriented applications may run and a secondary program supporting environment, the updating method operating to keep the computer system protected from having vulnerabilities, in the user oriented operating system or in a user application running on the user oriented operating system, from being exploited by malware, the method comprising a program or programs, running within the secondary program supporting environment, communicating with one or more remote servers to obtain at least one security patch or filter, the at least one security patch or filter being associated with the user-oriented operating system and/or with a user-oriented application operable to run on the user-oriented operating system;
- wherein the method further comprises the computer system applying any security patches obtained by the agent program or programs prior to the user-oriented operating system setting up a network connection in respect of either the user-oriented operating system as a whole or in respect of a user oriented application to which an obtained patch applies, or at least prior to the user-oriented operating system permitting certain specified applications such as a web browser from using a network connection.
- View Dependent Claims (7, 8)
Specification
-
- Resources
-
Current AssigneeBritish Telecommunications PLC (BT Group PLC)
-
Original AssigneeBritish Telecommunications PLC (BT Group PLC)
-
InventorsEl-Moussa, Fadi, Dimitrakos, Theo
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current726/26
-
CPC Class CodesG06F 21/121 Restricting unauthorised ex...G06F 21/53 by executing in a restricte...G06F 21/572 Secure firmware programming...G06F 21/575 Secure bootH04L 63/02 for separating internal fro...
