____/ [H]omer on Sunday 26 August 2007 20:47 : \____
> Verily I say unto thee, that Robert spake thusly:
>
>> This is a Excellent post, Homer.
>> is there a way that you can turn this post into a webpage & post the link?
>> this would be a great way for some of us advocates to show friends & others
>> in the various newsgroups. more or less, give em a education on one of the
>> disadvantages of using microsoft windows.
>
> I'll put it up on my blog later (see sig).
Microsoft silently patches security flaws and disguises such weaknesses
as 'performance' updates. They have been beaten for it (and to it) by
researchers. This is a fine and recent example:
Microsoft reacts to kernel hacks, defends Vista
,----[ Quote ]
| Microsoft wasn't much help in figuring out exactly what was beefed up by the
| PatchGuard update; the accompanying information was extremely vague. The
| MSRC's release manager, Simon Conant, was just as tight-lipped in a posting
| to the center's blog. "The update adds additional checks to Kernel Patch
| Protection for increased reliability, performance, and security," Conant
| said.
`----
http://www.infoworld.com/article/07/08/15/Microsoft-reacts-to-kernel-hacks_1.html?source=rss&url=www.infoworld.com%2Farticle%2F07%2F08%2F15%2FMicrosoft-reacts-to-kernel-hacks_1.html
Gist: Microsoft hid the fact that it was a security issue being patched. Later
they have that scum Jeff Jones talking about how secure Windows it. But it's
just a Big Lie.
Also see:
Skeletons in Microsoft’s Patch Day closet
,----[ Quote ]
| This is the first time I’ve seen Microsoft prominently admit to silently
| fixing vulnerabilities in its bulletins — a controversial practice that
| effectively reduces the number of publicly documented bug fixes (for those
| keeping count) and affects patch management/deployment decisions.
`----
http://blogs.zdnet.com/security/?p=316
Beware of undisclosed Microsoft patches
,----[ Quote ]
| Forget for a moment whether Microsoft is throwing off patch counts
| that Microsoft brass use to compare its security record with those
| of its competitors. What do you think of Redmond’s silent patching
| practice?
`----
http://blogs.zdnet.com/microsoft/?p=527
Microsoft : Arrogance leads to Vulnerability
,----[ Quote ]
| Chatting with the Microsoft senior sales people, I was struck by
| their incredible arrogance. They know the company?s products are good,
| but they have no qualms whatsoever about charging top dollar as a
| result.
|
| It reminds us how Microsoft used to behave when it comes to their
| products' security records. IE5 and 6 were nothing short of being
| proper Swiss Cheese with loads of holes in them but hey, they had 95%
| of the browser market at that time and couldn't care less.
`----
http://securityblog.itproportal.com/?p=514
--
~~ Best of wishes
Roy S. Schestowitz | GPL'd Reversi: http://othellomaster.com
http://Schestowitz.com | Free as in Free Beer | PGP-Key: 0x74572E8E
Load average (/proc/loadavg): 1.35 1.55 1.32 1/139 12196
http://iuron.com - semantic search engine project initiative
|
|
