1. Field of the Invention
The present invention is related to software updates and, in particular, to a method and system for optimization of software updates for elements of a computer system.
2. Description of the Related Art
Development and testing of modern software applications takes a lot of resources.
Modern applications are more complex than in the past, and it is almost impossible to foresee all possible scenarios of application use. Therefore, an application development process always leaves room for errors based on the execution environment and the system configurations. This needs to be taken into account when new software is installed, or when application modules are updated, or when some applications run concurrently.
Typically, an application version is released by a certain date often with an unknown number of bugs and execution errors. Once error reports from users are collected by application developers, they release updates (or patches). However, some users (virus writers or hackers) are engaged in the application errors search. These users find the application errors to take malicious actions and never report the errors they found to the developers to keep them in the dark for as long as possible.
The software vulnerabilities can be exploited in order to affect system integrity, to cause malfunction(s), to access protected computer system resources and gain control over the computer system. The vulnerability can be a result of programming errors or some miscalculations in a design of software.
Most of large software vendors continuously attempt to find and fix vulnerabilities in the applications they released. As a result, in order to eliminate vulnerabilities and correct errors the software updates are produced regularly. Generally there are some difficulties in an update process of computer systems with a large amount of installed software. Frequently, an installation of one application update conflicts with installation of another application update. There are a number of the solutions for optimization of the computer system update process.
U.S. Pat. No. 7,500,234 describes a method for selection of a platform for testing patches. The testing platform is selected based on a computer system configuration and a set of devices employed by the computer system. The proposed method uses selection of pseudo-test platform and simulates an application on this platform. The update is tested in the environment, which basically matches a user computer system. This approach cannot be used for testing updates independent of the user computer configurations.
US Patent Publication No. 20040210653A1 provides an algorithm for analyzing the vulnerabilities of the devices. The analysis determines the necessity of updates based on the detected vulnerabilities and content of the updates. The system does not test the updates and determines the effects of the updates on the functionality of the computer system as whole. However, the described conventional systems are not efficient in case of the computer systems running a large amount of software. Furthermore, the conventional update systems do not estimate a feasibility of the update installation given the information about update vulnerabilities.
Accordingly, a method and system for efficient and effective optimization of computer system update process is desired.