• w2tpmf@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    5 months ago

    If this lets you monitor the patch status of the end clients in your org, then it’s actually cheaper than existing solutions used for managing regular Windows updates.

    The only questionable part is how reliable, trustworthy, and secure is 0patch themselves?

    Allowing a third party access to patch system level files opens the risk of a rootkit install. (In fact their agent being able to access system would function much like a rootkit itself).

    They could easily backdoor something into thousands, or even tens of thousands of PC very quickly. Make a huge botnet, steal data, etc, etc.

    Assuming they are trustworthy themselves, if their security is compromised, either from hackers or even a rogue employee, the same results could happen and could take a long time to discover.

    • flambonkscious@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      You’re right - this is fucking stupid… Unfortunately, it’ll capture the business of small time shops that don’t know better