

Ask HN: Why are Windows security updates larger than the ENTIRETY of Windows? - alister

A vanilla install of Windows XP uses 1.2GB of disk space.

But 83 critical security patches need to be downloaded
and installed right away. These add 5.3GB to the system.
That's 4 times as big as all of Windows XP!

(This is all according to a recent RISKS article.)

I'm reminded of the story of how a statically-linked
"Hello, World" program was over a megabyte. It turned out
that all the Unicode characters were thrown into libc.

I'm thinking that there has got to be a similarly interesting
reason as to how security patches can be massively bigger than
the OS itself.
======
cperciva
There are probably multiple updates affecting the same code, with the effect
that bits are downloaded which get replaced without ever being used.

~~~
alister
So you're saying that (e.g.) security patches 1 to 83 download eighty-three
slightly different versions of file X, only the last of which is used.
Presumably versions 1 to 82 shouldn't be saved -- and I don't see evidence in
XP that they are for security updates.

The original article -- here, by the way,
<http://catless.ncl.ac.uk/Risks/26.47.html#subj8> says that the final result
is 6.5GB of hard drive space for a patched XP install.

~~~
cperciva
I believe that Windows keeps patch downloads stored somewhere even after they
have been extracted and installed.

