Patent · US Expired

Method and system for identifying, fixing, and updating security vulnerabilities

US6907531B1 · kind B1 · utility

55Cited by

51References

48Claims

0Family size

Assignee

Internet Security Systems, Inc. · US

Inventors

Timothy David Dodd · Tucker, US
Scott Mewett · Cairns, AU
Curtis Ide · Roswell, US
Kevin Overcash · Carlsbad, US
David Allen Dennerline · Sandy Springs, US
Bobby J. Williams · Atlanta, US
Martin D. Sells · Canton, US

Key dates

Filing date	Jun 30, 2000
Grant date	Jun 14, 2005
Priority date	—
Expiry date	Jan 18, 2023

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/577
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method and system identifies, fixes, and updates security vulnerabilities in a host computer or host computers. The present invention can communicate between a scanner with plug-in capability, an operating system, and an express update package.The architectural set-up can allow exploits within the scanner and exploits in the express update package to function with no knowledge of each other. The user also needs no knowledge of whether the exploits are within the scanner or the express update package. Mutual authentication procedures can enable the scanner to load only legitimate express update packages, and can provide that express update packages can only be loaded into legitimate scanners.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.