Pender's Blog

Blog archive

Patches Can't Cover Windows Security Holes

Well, some Patch Tuesday that was. Just as Microsoft unleashes a passel of critical patches, another huge -- and thus far un-patched -- bug pops up.

The main target of this one seems to be Vista, so not many users will have to worry about it (heh heh). But it also affects Windows Server 2008 (although not Windows Server 2008 R2, apparently) and the Windows 7 release candidate (although not Windows 7 itself...apparently), so it's serious enough to merit a mention.

Microsoft's struggle to secure its software (or its willingness to have third parties do it) is a tale almost as old as the company itself. It's tough living life as the primary target for troublemakers, and it's even tougher when third-party vendors -- quite possibly for their own gain in publicity, which we're now helping with -- start piling on and criticizing Redmond's security efforts.

Of course, not many people are going to cry over the monopolist and industry behemoth having to constantly scramble to fix critical vulnerabilities. (By the way, "critical vulnerabilities" always sounds to us like some sort of action-romance movie, probably starring somebody like Julia Roberts.) And, to their credit, some of the more enterprising third parties out there -- stand up, Juniper Networks -- are offering protection from the security risk.  

But let's say this for Microsoft: At least the company does usually scramble to fix security holes. (Yes, we know about the vulnerabilities that exist for ages without a response from Redmond, but if something's serious, Microsoft generally jumps all over it.) And Microsoft provides automatic updates for users through its Patch Tuesday fixes.

There might be an argument as to how effective Microsoft is at securing its wares, or even about who should secure Microsoft's applications and how. But there's no question that the company, now more than ever, is serious about doing what it can to keep Windows safe. And that's a good thing for Microsoft and for most Microsoft partners. So, we're going to cut Redmond a little slack after a rough week. But probably just this once.

How satisfied are you with Microsoft's efforts to secure Windows and its other offerings? Do you think the company takes security seriously enough? Send your thoughts to [email protected].

Posted by Lee Pender on September 10, 2009 at 11:55 AM


Featured

  • The 2020 Microsoft Product Roadmap

    From the next major update to Windows 10 to the next generations of .NET and PowerShell, here's what's on tap from Microsoft this year.

  • Premium-Level Azure AD Coming to Microsoft 365 Business

    Users of Microsoft 365 Business will be able to access Azure Active Directory Premium P1 licensing free of charge, Microsoft said this month.

  • 2020 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss. (Now updated with COVID-19-related event changes.)

  • Curvey Stone Steps Graphic

    Microsoft Makes Run at 5G, Edge Computing with Azure Edge Zones

    Microsoft is promising to enable new edge computing scenarios for partners and developers with Azure Edge Zones, which became available as a preview this week.

RCP Update

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.