RCP Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.

Barney's Blog

Blog archive

Monster Patch Tuesday Coming

Tuesday is coming. You know that means -- we're going to have a special guest. So wiggle your ears, like Mousketeers, cause Tuesdays is a special patch day.

With apologies to Anette Funicello, I bring you tidings of not quite great joy, as Microsoft is prepping its biggest load of patches ever.

Apparently, not willing to dish out an unlucky 13 fixes, Microsoft went for a solid 14. These patches cover pretty much the gamut -- Windows (of course), IE (of course), Office and Silverlight.

As usual, remote execution flaws lead the list. You can get all the details here.

In my opinion, the number of patches actually speaks more for Microsoft's diligence in hunting down flaws than intrinsic security flaws. Then again, I could be dead wrong. You, my faithful readers, are the real experts. So tell me, is Microsoft just getting better at patching, or is its software still fundamentally problematic? E-mail me at dbarney@redmondmag.com.  

Posted by Doug Barney on August 06, 2010 at 11:53 AM


comments powered by Disqus

Reader Comments

Fri, Aug 6, 2010 OLAP Monkey

I've applied thousands upon thousands of MS patches through the years...quite frankly no one does patching as well as Microsoft. Any other vendor you work with their patches have almost an equal chance of breaking something as they do fixing something. No other vendor on the planet is capable of delivering the quantity of patches that MS does without breaking everything under the sun.

Fri, Aug 6, 2010 Shawn Turpin Portland, Or

I think it is a combination of both, more diligence on Microsoft's part, and just plain security flaws. Just to clarify, I am not a MS fanboy (I use Linux and cherish my iPhone), but work heavily with Microsoft Server products. Anyways, I am sure after all of these years that Microsoft puts way more work into searching out and fixing security flaws than they have done in the past. They can't afford to just ignore them, just from a business perspective. I also feel, because the user base is so big, and the code is as huge as well, that things will slip through the cracks, black hats will try and find ways of "cracking" it. Really, the only safe program would be one that doesn't even touch a network. My 2 cents for what it is worth.

Add Your Comments Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above