“If Microsoft really cared about securing the millions of Windows computers in the world, it would have enabled the firewall component in XP by default. It also would have disabled a long list of services and protocols that do little for you and me, yet make us bait for any hacker smart enough to exploit them,” writes Robert Vamosi for CNET.
“…Trouble is, Microsoft hasn’t been aggressive in locating its own software flaws–it still leaves that job to third-party security experts. And even when it finds out about problems from others, it doesn’t always fix them in a timely manner. Internet Explorer, for example, contains 31 flaws that are known yet unpatched. Moreover, I’ve yet to see new software from Microsoft that is actually more secure than previous versions,” Vamosi writes.
“I’m thinking about this last issue right now because the final shipping code for the next version of the Microsoft Office suite just arrived on my desk today. This is the version that’ll run on new computers sold this holiday season. It won’t be in stores until Oct. 21, but I’ve got an advanced copy so my colleagues and I can evaluate it before it ships,” Vamosi writes. “Though Microsoft’s PR folks are touting the new Office as the latest and greatest, I have reservations about the application suite from a security standpoint. More to the point: Will it be any more secure than earlier versions of Office?”
Vamosi writes, “Am I to believe, as the Trustworthy Computing initiative promised, that Microsoft developers have reviewed every line of code to make sure Office 2003 is free of security vulnerabilities? Or that Microsoft has redesigned Word, Outlook, and Excel, employing the latest security techniques? When I expressed these concerns to Microsoft’s PR reps, they simply answered: ‘We’ll get back to you.'”
Full article here.