Microsoft’s unpatched security bugs



George Ou at ZDnet is mystified (as many of us are) at why Microsoft can’t patch ALL their security vulnerabilities. Most of the unpatched vulnerabilities are considered minor (as was the 6 month old bug that in the last week was discovered could be exploited for more than a Denial of Service…) His point is, if small companies (even open source groups) can patch ALL security bugs big and small, then why can’t Microsoft with it’s legions of coders?


This is one of those sore points for me with regards to Microsoft. Given their vast resources (money and programmers) I don’t see why they would let a security bug sit for months or even years. This is one of the things that has given me greater respect for open source projects, seeing bugs patched with reasonable speed and thoroughness. (How Microsoft can claim that they’re average disclosure-patch time is less than comparable open source software is beyond me. I saw one claim a while back of within 24 hours…. that must be from when they disclose it (announced at the same time as patches)).

To be fair, I think there are some unpatched Firefox vulnerabilities at the moment, but once again I invite visitors to go to the secunia page for both products….

firefox 1.x 3 unpatched.
Internet Explorer 6.x 21 unpatched.
Opera 8.x 1 unpatched.

(and the Opera vulnerability is 12 days old…)

I would invite folks to try out either Opera or…

For that matter though, I would like to see Firefox deal with the unpatched vulnerabilities.

However, Microsoft makes more than a web browser and in his post he lists each of the unpatched XP vulnerabilities. His hope is to hear an ETA from Microsoft on a fix…. good luck with that one.

Related Posts

Blog Traffic Exchange Related Posts
  • What is Open Source Open source denotes that the origins of a product are publicly accessible in part or in whole. See Open source (disambiguation) for related topics and other meanings. This article focuses on open source as a modern or commonly used allusion to any open-source software (OSS) where its source code, its......
  • Open Source Java and Linux distros redistributing java For years, the call has been to open source Java.... it appears that day is, well... coming. Not at hand yet, but for startersJava can now be bundled with Linux distributions.... and is looking for advice on how to get from where they are to open source Java. So it......
  • Another critical IE flaw I should mention a fairly big Windows vulnerability (which involves active scripting). Apparently there are proof-of-concept exploits circulating that do innocent things like open up the calculator. Unfortunately, once exploits are out that can do this, it's trivial for them to do worse. The bottom line is, be careful what......
Blog Traffic Exchange Related Websites
  • Microsoft Security Advisory (2286198): Vulnerability in Windows Shell Could Allow Remote Code Execution Vulnerability in Windows Shell Could Allow Remote Code Execution Published: July 16, 2010 Version: 1.0 General Information Executive Summary Microsoft is investigating reports of limited, targeted attacks exploiting a vulnerability in Windows Shell, a component of Microsoft Windows. This advisory contains information about which versions of Windows are vulnerable as......
  • Microsoft to Improve User Access Control in Windows 7 I was just reading a Slashdot article about Microsoft improving User Access Control (UAC) in Windows 7. In the cited PC Pro article, Microsoft engineer Ben Fathi says: We've heard loud and clear that you are frustrated. You find the prompts too frequent, annoying, and confusing. We still want to......
  • A Strong Week in Tennis for Champion Players This week, there were a few different kinds of games going on throughout the world. These different matches pitted some of the top ranked players in the world against one another to be able to earn the title. While these smaller tournaments might be dwarfed in the shadow of the......
en.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site