Comments on: Microsoft releases 'critical' updates for new programs

This month's Patch Tuesday focuses on fixes for vulnerabilities in 2007 editions of Internet Explorer, Exchange and Office.

[Dalkorian]

definition

oxymoron: an obvious contradiction of terms.
Example: Micro$loth security.

"The fact that several of the newly reported vulnerabilities
critically affect Internet Explorer 7, Office 2007 and Exchange
2007, hurts Microsoft's security message, said Amol Sarwate,
manager of the vulnerability research lab at Qualys. Microsoft
has marketed these programs as secure, citing its security
development process."

Maybe we better read over those claims again, did they actually
claim their newest junk offerings were "secure" (a rediculously
stupid claim all by itself - there is no such thing as "secure
software"!), or "the most secure version to date". M$'s security
record is so bad at this point that if they could release
something that only had a thousand major security holes it
could be called a major improvement!

But hey, if you're still drinking Bill's Kool-Aid, you're probably to
high to realize you're being taken for a ride. In that case, enjoy
your slavery!

[herby67]

Can count?

Windows security vulnerabilities within a year (any recent year) are well below Apple's as well as below most linux distros.
If you think that's an important security metric (I don't) you are bashing the wrong products.

[wbenton]

Critical Security Issues & Microsoft

Critical Security Issues should be patched within 24 hours with non-critical issues being patched within 72 hours.

Microsoft released SEVEN (7) critital security patches during their regular monthly update.

If they had all been discovered the day before... nothing really needs to be read into it at all.

But we all know that several of these zero-day flaws have been out for quite some time.

But rather than act like a security concious company and offer patches for critical flaws within 24 hours... they wait long past the non-critical 72 hour mark and release critical patches on thier Patch Tuesday... only once a month!!!

They ARE NOT serious about security.

Otherwise they would have released patches within 24 hours!!!

Walt

[WillyWiggler]

72 hours?

Indeed! Clearly 24 hours is enough time to investigate, fix & test a patch to complex systems software.

Name one company that patches their security holes within 72 hours.

[kathy.collins]

What is going on in this country?

I find it interesting to watch the broader picture surrounding security in America. NOTHING is more important to safety than SECURITY. Why is this concept so difficult to understand and implement? We need to secure our borders ALL OF THEM......especially cyberspace. Windows needs to be SECURE

[BoB_Roberts54321]

MS Patches are crashin' W2K systems

It would appear that the this weeks' patches are crashing W2K server and workstations. The patch installs, and after a reboot the machine will either blue screen or reboot. There are multiple people reporting this issue on the MS Newsgroups, however I have yet to find an "official" response from MS.
Let's hope they have a fix soon!!
BoB...

[wbenton]

Microshaft's way of getting you to upgrade

It's because they want you to upgrade to WinXP or even better "for them" Vista!!!

(* GRIN *)

They've done it in the past and they'll continue to do it more in the future as well.

Walt

[linuxcable23]

KOOL AID I AM NOT DRINKING

M$$ M$$ M$$ allways talking about what they did and what they can do not allways walking the walk its like come on vista 6 years to desgin that give me a break its a fancy looking xp with a cheap security fix M$ does not care about anything but making money thats plain and simple if they really made a product that was good or secure we would not be here talking about it. futher more if your smart linux and apple have been allways making stuff better and more secure and did i mention its free cant beat it so when your done with the bill Gays Kool aid get something that really works!!!!!