__/ [Roy Culley] on Wednesday 11 January 2006 01:10 \__
> Why the software giant still can't get it right.
> Four years ago, Bill Gates dispatched a companywide e-mail
> promising that security and privacy would be Microsoft's top
> priorities. Gates urged that new design approaches must
> "dramatically reduce" the number of security-related issues as
> well as make fixes easier to administer. "Eventually," he added,
> "our software should be so fundamentally secure that customers
> never even worry about it."
> Microsoft customers haven't stopped worrying. A year later,
> Windows was hit with several nasty worms, including Slammer,
> Sobig, and Blaster. The viruses caused major traffic bottlenecks
> throughout the world, which cost tens of billions of dollars to
> clean up. Vulnerabilities deemed "critical" have forced the company to
> release an almost unending stream of patches and fixes to the
> Windows operating system, Microsoft Office, and Internet Explorer.
This article doesn't even mention all of the vulnerabilities whose status has
been 'solution pending' for several months. There are many known bugs on the
shelf and rather than having them fixed, another version of the O/S is being
The public outcry led to a patch being released for the WMF exploit, which
recently (yesterday?) turned out to have mutated into 2 other related
exploits, if not altogether separate, yet uncovered cases. When will they
learn to do the job right and thouroughly /before/ unleashing an O/S or a
patch? If Apple or Linux showed such imcompetence, I don't think they would
have as many advocate as they have. I can't recall the last time I heard
someone praising Windows.