Pender's Blog

Blog archive

Patches Can't Cover Windows Security Holes

Well, some Patch Tuesday that was. Just as Microsoft unleashes a passel of critical patches, another huge -- and thus far un-patched -- bug pops up.

The main target of this one seems to be Vista, so not many users will have to worry about it (heh heh). But it also affects Windows Server 2008 (although not Windows Server 2008 R2, apparently) and the Windows 7 release candidate (although not Windows 7 itself...apparently), so it's serious enough to merit a mention.

Microsoft's struggle to secure its software (or its willingness to have third parties do it) is a tale almost as old as the company itself. It's tough living life as the primary target for troublemakers, and it's even tougher when third-party vendors -- quite possibly for their own gain in publicity, which we're now helping with -- start piling on and criticizing Redmond's security efforts.

Of course, not many people are going to cry over the monopolist and industry behemoth having to constantly scramble to fix critical vulnerabilities. (By the way, "critical vulnerabilities" always sounds to us like some sort of action-romance movie, probably starring somebody like Julia Roberts.) And, to their credit, some of the more enterprising third parties out there -- stand up, Juniper Networks -- are offering protection from the security risk.  

But let's say this for Microsoft: At least the company does usually scramble to fix security holes. (Yes, we know about the vulnerabilities that exist for ages without a response from Redmond, but if something's serious, Microsoft generally jumps all over it.) And Microsoft provides automatic updates for users through its Patch Tuesday fixes.

There might be an argument as to how effective Microsoft is at securing its wares, or even about who should secure Microsoft's applications and how. But there's no question that the company, now more than ever, is serious about doing what it can to keep Windows safe. And that's a good thing for Microsoft and for most Microsoft partners. So, we're going to cut Redmond a little slack after a rough week. But probably just this once.

How satisfied are you with Microsoft's efforts to secure Windows and its other offerings? Do you think the company takes security seriously enough? Send your thoughts to [email protected].

Posted by Lee Pender on September 10, 2009


Featured

  • Salesforce To Acquire Informatica in $8 Billion Deal

    Salesforce announced on Tuesday it plans to acquire data management firm Informatica for $8 billion.

  • An image of planes flying around a globe

    2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Microsoft Gives Orgs More Power to 'Tune' AI Agents

    At its Build 2025 conference this week, Microsoft unveiled significant advancements aimed at empowering enterprises to create more sophisticated AI agents.

  • Build 2025: Microsoft Charts Wider Path for AI Agents

    At Build 2025, Microsoft unveiled its strategic vision for the future of AI agents, emphasizing the development of autonomous systems capable of performing complex tasks across various applications.