1. Field of the Invention
The present invention relates to a technology for installing software such as an operating system (hereinafter referred to as “OS”) in a computer.
2. Related Art
Recently, extensive diffusion of the Internet and Intranet has caused a situation in which attacks through a network on devices connected to the network have been rapidly increased, and in which damages to network users have been expanded. Incidentally, many of such attacks through the network take advantage of security vulnerabilities (e.g., security holes), which are discovered in an already-released packaged product or the like. Unexposed security holes at the time of releasing the OS are discovered after the release to be a target for such attacks. At present, the OS is normally distributed with a recording medium such as a CD-ROM, and since it is considered that such a distribution method will not be changed in the future, attacks exploiting security holes will also be unending.
In view of the aforementioned situation, it is a general practice for an OS vendor to provide a security patch for solving a security problem with the OS, which is discovered after release. That is, each user downloads a necessary security patch from a download server prepared by the vendor of the OS which the user uses, and applies the security patch to the OS of the user. Here, the security patch is defined as a correction module against security holes. In general, software is configured by a plurality of modules, and the problem is solved by applying the correction module to a module with a problem therein.
However, when a security patch is applied after the released OS is installed in the computer, the computer is initially connected to the network with the OS having a security problem. At this time, therefore, there is a possibility of the computer being attacked through the network.
Consequently, it has been suggested that a recording medium, to which a security patch has been already applied, be prepared as a recording medium for installing the OS (hereinafter referred to as “installation medium”), and that this be used for installing the OS (see, for example, Daniel Petri, “MCSE world Windows 2000/XP SP Slipstreaming,” December 2004, and Kunihiro Saitoh, “Distribution of Windows 2000 SP4 Japanese version starts,” Jul. 3, 2005, Nikkei Windows pro, hereinafter respectively referred to as “Petri” and “Saitoh.”
In Petri, the user downloads the security patch in advance, and the installation medium, to which the security patch has been already applied, is created by the user. Specifically, an installation CD as one example of the installation medium is created through the following procedures.                1. The security patch of the OS to be installed is downloaded through the Internet in advance.        2. All of files in commercially available installation CD for the OS to be installed are copied on a hard disk or the like.        3. The files copied in the above-described procedure 2 are overwritten by the file of the security patch downloaded in the above-described procedure 1.        4. All of the files are written in a recording medium such as a CD-R to create a bootable CD.        
In Petri, a system, to which a security patch has been already applied, is needed in addition to a system targeted to be installed, in order for a user to download a security patch. In addition, there is a problem in that procedures at the time when the user actually creates an installation CD is very cumbersome, and that CD-R writing environment is necessary
In addition, there has been disclosed, in Saitoh, a service where the vendor of the OS distributes the installation medium to which a security patch has been already applied.
In addition, in Saitoh, it takes time for an installation medium, to which a latest security patch is applied by a vendor, to be delivered to the user. Security problems are often discovered, and security patches to resolve such problems are accordingly provided in a short period of time. For this reason, there is a problem that the installation medium delivered to the user is not always the installation medium to which a latest security patch is applied.
On the other hand, there is a technology which is based on the premise that the OS is installed before a security patch is applied (see, for example, Tetsu Yamato, “Considering countermeasures to new virus, (8) promotion for application of security update patch (first part),” Dec. 12, 2003, Internet Watch, hereinafter referred to as Yamato.
In Yamato, there is disclosed that the OS is installed by using an installation medium (such as a recovery CD) to which the security patch has not been applied at all. Thereafter, the security patch is applied while an access from outside is blocked by a personal firewall. Furthermore, Yamato merely discloses general procedures for applying the security patch after the OS is installed. With these procedures, when the OS does not initially include a personal firewall after installment, the personal firewall needs to be purchased separately to be installed. Thereafter, the user sets up the personal firewall. However, the setting depends on the OS, and considerable amount of technical knowledge is needed to set up the personal firewall correctly. Accordingly, there is a problem that the computer is connected to the network unintentionally before the personal firewall is set up, or that there is a possibility of being attacked through the network due to a wrong setting.
It should be noted that a similar problem can be caused not only when the OS is installed but also general software other than the OS is installed.