Microsoft’s unpatched security bugs
George Ou at ZDnet is mystified (as many of us are) at why Microsoft can’t patch ALL their security vulnerabilities. Most of the unpatched vulnerabilities are considered minor (as was the 6 month old bug that in the last week was discovered could be exploited for more than a Denial of Service…) His point is, if small companies (even open source groups) can patch ALL security bugs big and small, then why can’t Microsoft with it’s legions of coders?
This is one of those sore points for me with regards to Microsoft. Given their vast resources (money and programmers) I don’t see why they would let a security bug sit for months or even years. This is one of the things that has given me greater respect for open source projects, seeing bugs patched with reasonable speed and thoroughness. (How Microsoft can claim that they’re average disclosure-patch time is less than comparable open source software is beyond me. I saw one claim a while back of within 24 hours…. that must be from when they disclose it (announced at the same time as patches)).
To be fair, I think there are some unpatched Firefox vulnerabilities at the moment, but once again I invite visitors to go to the secunia page for both products….
firefox 1.x 3 unpatched.
Internet Explorer 6.x 21 unpatched.
Opera 8.x 1 unpatched.
(and the Opera vulnerability is 12 days old…)
I would invite folks to try out either Opera or…
For that matter though, I would like to see Firefox deal with the unpatched vulnerabilities.
However, Microsoft makes more than a web browser and in his post he lists each of the unpatched XP vulnerabilities. His hope is to hear an ETA from Microsoft on a fix…. good luck with that one.
Popularity: 1% [?]
Related Posts - Another critical IE flaw I should mention a fairly big Windows vulnerability (which involves active scripting). Apparently there are proof-of-concept exploits circulating that do innocent things like open up the calculator. Unfortunately, once exploits are out that can do this, it's trivial for them to do worse. The bottom line is, be careful what......
- Open Source Java and Linux distros redistributing java For years, the call has been to open source Java.... it appears that day is, well... coming. Not at hand yet, but for startersJava can now be bundled with Linux distributions.... and is looking for advice on how to get from where they are to open source Java. So it......
- Firefox vulnerabilities and 1.5 Release Candidate I know there's been at least one and probably a couple of Mozilla Firefox vulnerabilities announced in the last month or so. There are currently (according to Secunia) 3 unpatched Firefox vulnerabilities. The secunia page for firefox has the details. There are two vulnerabilites for which there is a workaround......
Related Websites - Symbian^3 announced The Symbian Foundation has unveiled the Symbian^3 (S^3) platform. S^3 is the first entirely open source release following the platform’s transition to an open source license earlier this month. S^3 is expected to be “feature complete” by the end of Q1. Lee M. Williams, Executive Director of the Symbian Foundation,......
- A Strong Week in Tennis for Champion Players This week, there were a few different kinds of games going on throughout the world. These different matches pitted some of the top ranked players in the world against one another to be able to earn the title. While these smaller tournaments might be dwarfed in the shadow of the......
- How to Do Home Window Installation Replacing and installing windows can seem like a daunting and expensive task, but it can actually be incredibly simple to do yourself. When you do your own home window installation, you’ll be greatly cutting down on the costs since most of the cost of having windows installed is the labor.......
Similar Posts
- Firefox vulnerabilities and 1.5 Release Candidate
- Firefox Security Vulnerabilities.
- Network Security guide for the home or small business network – Part 14 – Alternative software
- IE too dangerous to use?
- Firefox code under the microscope