Most computer devices, such as personal computers, have a software image in a local storage medium, such as a hard disk, that includes the base operating system and applications required to run the computer. Various techniques are known in prior art to get the initial software image loaded onto each computer device, and one novel technique has been disclosed in the Method and System for Deploying a Single Image to Personal Computer(s) patent (the Image Deploy Patent referenced above).
That installed software image is requiring more frequent updating than it did in the past. New versions of software, including the operating system and applications, are one reason why the software image on a personal computer needs to be updated. Another reason is that more defects are being identified after the software has been installed, sometimes as a result of attacks or as a result of errors reported by users. Further, the software frequently is enhanced with new and improved features and functions. All of these changes mean that the software image stored on a computer must be updated to achieve the best results.
The updating of software has also been required more often with the increasing frequency of viruses and other harmful code (such as trap doors and Trojan horses), which are distributed through the Internet and other networks. As users more frequently connect to such sources of un-trusted code and potentially harmful materials, the proliferation of viruses and the detection and neutralization of such viruses is becoming a significant challenge. Recently, it seems that a new piece of code (such as a new release of Windows) is hardly announced before new attacks are launched on it, particularly for a piece of code such as a widely-used operating system. The discovery of new attacks leads to patches for the code, patches which must be distributed and installed on each personal computer in order to be effective.
Due to the complexity of the software running on computer devices, the number of security issues being found and the rate of updates for software applications, the number of changes required to the software image is increasing at a very fast rate. These changes to the software image include but are not limited to operating system patches that fix software defects, operating system patches that fix security issues, application patches that fix software defects, application updates that enhance application functionality and the delivery of new applications. These updates to the software image need to be applied to devices that have already been deployed in the field.
Today's solution to updating computer devices already deployed in the field is to download these patches and software updates to the currently running device and apply them to the running copy of the software image. As a result, if the running copy of software contains any “malware” (such as spyware or viruses), then this “dirty” machine is still “dirty” after the patch or upgrade is applied. In addition, organizations are trying to apply these changes to deployed devices as quickly as possible since many of the changes are security updates needed to keep devices from being compromised by malicious software. Failures during the update procedure are common since the updates are frequent and the testing is limited due to the difficulty in testing all combinations of software images with the deployed hardware in a reasonable amount of time. Some failures also occur because the running software image is constantly changing as the software is run by each user. There are many ways in which the software image changes as it is used. Some of the changes a user makes intentionally to the software image include downloading and installing a new application, updating an existing application and installing a plug-in for an existing application. Many changes to the software image are made automatically by software, without a human controlling it (or sometimes even being aware of it). These changes include automatic updates of the operating system and applications over the Internet, changes to the core operating system when a new hardware peripheral is attached and changes from malicious software such as worms and viruses. In addition, normal day-to-day usage of a computer with a local storage medium will cause local files and setting to be modified. This makes each software image on deployed devices unique and therefore the chance of the required patches and software updates failing is significant.
A better method to update software images for deployed devices is critical. The cost of software update failures is enormous in terms of lost productivity and information technology (IT) costs associated with rebuilding a device that fails to update correctly. The ability to apply software updates to a well-known “clean” image without losing user data is required to improve the software update method. This will clean a “dirty” machine infected with virus and spyware, while increasing the success rate compared to prior art software distributions.
Other disadvantages and limitations of the prior art systems are also apparent to those skilled in the relevant art and will be apparent from the description of the present invention.