Pender's Blog

Blog archive

Patches Can't Cover Windows Security Holes

Well, some Patch Tuesday that was. Just as Microsoft unleashes a passel of critical patches, another huge -- and thus far un-patched -- bug pops up.

The main target of this one seems to be Vista, so not many users will have to worry about it (heh heh). But it also affects Windows Server 2008 (although not Windows Server 2008 R2, apparently) and the Windows 7 release candidate (although not Windows 7 itself...apparently), so it's serious enough to merit a mention.

Microsoft's struggle to secure its software (or its willingness to have third parties do it) is a tale almost as old as the company itself. It's tough living life as the primary target for troublemakers, and it's even tougher when third-party vendors -- quite possibly for their own gain in publicity, which we're now helping with -- start piling on and criticizing Redmond's security efforts.

Of course, not many people are going to cry over the monopolist and industry behemoth having to constantly scramble to fix critical vulnerabilities. (By the way, "critical vulnerabilities" always sounds to us like some sort of action-romance movie, probably starring somebody like Julia Roberts.) And, to their credit, some of the more enterprising third parties out there -- stand up, Juniper Networks -- are offering protection from the security risk.  

But let's say this for Microsoft: At least the company does usually scramble to fix security holes. (Yes, we know about the vulnerabilities that exist for ages without a response from Redmond, but if something's serious, Microsoft generally jumps all over it.) And Microsoft provides automatic updates for users through its Patch Tuesday fixes.

There might be an argument as to how effective Microsoft is at securing its wares, or even about who should secure Microsoft's applications and how. But there's no question that the company, now more than ever, is serious about doing what it can to keep Windows safe. And that's a good thing for Microsoft and for most Microsoft partners. So, we're going to cut Redmond a little slack after a rough week. But probably just this once.

How satisfied are you with Microsoft's efforts to secure Windows and its other offerings? Do you think the company takes security seriously enough? Send your thoughts to [email protected].

Posted by Lee Pender on September 10, 2009


Featured

  • MIT Finds Only 1 in 20 AI Investments Translate into ROI

    Despite pouring billions into generative AI technologies, 95 percent of businesses have yet to see any measurable return on investment.

  • Report: Cost, Sustainability Drive DaaS Adoption Beyond Remote Work

    Gartner's 2025 Magic Quadrant for Desktop as a Service reveals that while secure remote access remains a key driver of DaaS adoption, a growing number of deployments now focus on broader efficiency goals.

  • Windows 365 Reserve, Microsoft's Cloud PC Rental Service, Hits Preview

    Microsoft has launched a limited public preview of its new "Windows 365 Reserve" service, which lets organizations rent cloud PC instances in the event their Windows devices are stolen, lost or damaged.

  • Hands-On AI Skills Now Outshine Certs in Salary Stakes

    For AI-related roles, employers are prioritizing verifiable, hands-on abilities over framed certificates -- and they're paying a premium for it.