Is Microsoft to blame for MSBlaster worm?

Some think the “system” of patches Microsoft has developed to combat security and programming flaws is a monumental failure.

The MSBlaster worm spreads through a security hole existing on about 17 million PCs using later versions of Microsoft’s Windows operating system. In mid-July, Microsoft urged companies and home users to install a free patch.

“Microsoft issued 72 patches last year and 31 so far this year. Installing patches in a corporate setting typically takes months, as patches can cause other applications to crash. ‘The dirty little secret in (technology) today is no organization can keep up with all of the patches,’ says Steve Larsen, CEO of BigFix, which supplies patch-management systems,” report Byron Acohido and Matt Krantz for USA TODAY.

Full article here.

19 Comments

  1. Probably some M$ created spyware masked as a hacker’s prank. Despite being a crappy platform and virus prone, the Lemmings will still buy M$ crap, will still make high dollar security deals with them and/or create media downloading sites with their proprietary format as the only choice. Bad press will never take them down now, people think that computers are all ‘just like that’. Most of the worm reports I read never mentioned that other OS’s were not affected….what do they have to lose?

  2. “Is Microsoft to blame for MSBlaster worm?”

    How would anyone think they weren’t to blame? If a car company were to install faulty brakes and lives were lost as a result, the car company would naturally be blamed. Of course Microsoft is to blame for their shoddy OS. Duh.

  3. Why should they be blamed, for crap sakes, the freakin patch has been around for a month! People complain about everything, the fact is they found the error and patched it. You try writing an operating system with no bugs! People say unix is all high and mighty, well they have patches and bugs too. If you want someone to attack, go after the programmer that wrote the msblaster worm.

  4. Bugs and/or glitches are one thing…gaping holes in your security requiring dozens of patches each year is another. I don’t see any other OSes out there with these kinds of issues. It’s especially bad when in January 2002 your chairman states that fixing these issues is their top priority. Well, it’s painfully obvious that’s not working out too well…

  5. If you have a Windows machine that sits on the Internet, even just through a dial-up connection, you must patch as Microsoft tells you to. Too many people have the attitude that these things will somehow pass their machine by, despite the little “Critical” update message that jumps up in the corner of the screen every couple of days.

    So is Microsoft to blame really, or is it their users?

  6. Of course MS is to be held responsible.
    If every time a patch had to be installed or a virus attacked some critical flaw like this, MS was held financially responsible, and were fined and expected to pay part of the financial damages to a company, you would see them release a very safe and tested OS, or none at all. But as there is absolutely no adverse effect on MS they don’t care. People will keep buying it cause they think they have no choice.

    And don’t go into arguments with this happens to other OS’s too. Fact is, it doesn’t, not on this scale. And if MS wants to be the largest, they should damn well also try to be the safest. But they don’t. They don’t even try or they would test their OS with security companies and hackers for a year or more before even releasing it. But again they don’t. Because it does not affect them, in fact as MS is a Monopoly, bad press doesn’t affect them. In a corporate environment most people think they don’t have a choice, which is reinforced by the Wintel IT people who only have a job because of these flaws.

  7. I can understand an error in judgment by an HR department to hire a totally inept programmer.

    I can understand a company spotting the errors caused by such an employee, having the whole programming staff rapidly fix the errors, and removing the programmer.

    But, AN ENTIRE BILLION DOLLAR COMPANY being so inept with its programming. No way!!! Gates and company have always been control freaks, and the thought of peeking into every computer running their OS would be too tempting to ignore. These holes now seem to span old Windows OSes, too. I would not be surprised if these patches also intentionally open existing dormant holes. Microsoft only needs 1 day between the opening of a hole to its discovery to be able to peer into millions of computers, many in competitors and governments. As we know, it can take some businesses months to apply a patch.

    Also note how quickly the errors are found and patched. Usually, this takes weeks or months, but MS seems to know exactly how to fix them.

    I do not think Gates would put himself in harm’s way, so he just creates secret “gates” for his buddies in government and other businesses to walk through.

    It is impossible for such a huge staff of ethical expert programmers to create such an insecure OS!! Gates pledged to have a more secure system, and things haven’t changed a bit. If anything, the holes are more frequent.

    This is far too flawed to be the result of an expert staff.

  8. Big – D stated:

    “… the fact is they found the error and patched it…”

    Um, wrong. LSD in Poland found it and held M$’s hand through patching it. M$ is so lucky that LSD told them about it BEFORE releasing the details to the net or MSBlast would have been incredibly devastating.

  9. Ok, so like how does the patch thing work anyway? Do you like print it out and then stick it to the side of the computer? Or do you actually wear it to keep from getting infected. Cause I gotta tell ya, 72 patches in one year is WAAAAAY too many for me to put on my body let alone my monitor. Hmmmm. Maybe I should just buy a Mac. I heard they don’t get sick as often.

    HAH!! Damn Lemmings!

  10. eaxit,

    To patch your MS Windows for the Worm, the instructions are here… http://microsoft.com/security/incident/blast.asp

    For those that are unfortunate enough not to be using a Mac, Mac does have its operational, functional, and security “patches”, too. In fact, just a few minutes ago, Apple released one. But, most Apple users do nothing if they are online regularly and have their Auto Software Update set. If it is not set, the Mac user simply goes to their Software Update (in System Preferences) and clicks on “Check Now”, and then they may have to click on one or two more blatantly obvious, pulsing-blue, buttons to confirm the update. That’s it!

    I have no idea why an entire staff of thousands of professional programmers at MS can’t make it this simple. Probably, job security for the millions of MS IT geeks imbedded in every company.

  11. Yep…Microsoft leads the world in another category…OS patches. Including the one from Apple today, the score is now Microsoft 31, Apple 6. You win again Microsoft, congratulations!!!

  12. Lance,

    keep also in mind that Apple security patches are – for the most – not released in order to fix bugs on OS X but on Unix features and utilities like recent patches over LDAP and ssh. Those are Unix-wide patches not OS X-only ones

    If we have to count OS X-only patches then Apple gets down to 1 – I believe (the screensaver bug) – .

    Microsoft is hot concerning security: I am sure it will best its last year result and release 80+ patches by the end of the year.
    That makes some 7 patches a month, almost 2 a week: must make Windows users feel warm and fuzzy. At least they know why they truly need broadband or get toasted.

  13. Just out of curiosity…why hasn’t any business sued Microsoft for the billions their compromised system software costs them each time a virus is unleashed? Is there some parameter in the EULA from Microsoft? I’ve never read it, as I’m sure most people haven’t?

    Just curious…not that it matters to me…we use Macs…and we laugh at our PC friends when they’re infected.

  14. Pay high price for inferior product, then brag about it, and even pay for someone to maintain the holes and clean all the dirt. What a smart creature.
    It only happens in Lemming world.

  15. The EULA for windoze states that the software shouldn’t be used in nuclear power stations, or military installations – so I think that says something about their faith in the software!

    I would imagine that there is something in there about m$ not accepting any liability for damage to software or damage caused by installing their bug ridden piece of crap.

  16. sirocco:

    Microsoft EULA gives a warranty for the first 90 days, after that fixes, updates or patches carry no warranty. You are on your own for what concerns damages related to faults in the software.
    A large part of Microsoft EULA concerns itself with limiting your use of the software, and with absolving Microsoft from any responsibilities it may have with respect to the warranty.

    A close reading of the EULA reveals that the license explicitly “all avenues and all recourse” that a user of Microsoft’s has for “legal relief of any sort”. At best you may recover the cost of the software, or US $5, at choice.

    THIS SAID: you are screwing yourself.

    Must suck to be so friggin stupid in Corporate World.
