>>Hrm, how about inventing an option (at install time) that places a very restrictive firewall on the network connection by default, say, only outgoing port 80 to windowsupdate.com (or even better, only let it establish a secure tunnel there), so you can patch and then loosen the firewall settings after that?<<
It doesn't address the issue. The requirement is that some MS customers need to patch without putting the machine on the internet. For whatever reasons. Is that such an unreasonable request? Geo. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
