Options
Microsoft "No security bulletins for December"
It seems Microsoft's idea of reacting to customer feedback is to well, do less. This news came to light after Technet announced their monthly 'Security Webcast' was being cancelled due to the fact that the software giant has currently no security bulletins to release as part of its monthly release cycle for December.
[blockquote]In Microsoft's own words:
"In response to extensive customer feedback, Microsoft is implementing changes in the way security bulletins are released. These changes will help enhance the manageability and predictability of the patch management process for customers. Security bulletins will normally be released on the second calendar Tuesday of every month. However, the first monthly bulletins will be released on Wednesday, October 15, 2003."
That would be fine if there were no any outstanding issues...
...but there are - A CHINESE RESEARCHER has discovered 7 new security holes in Internet Explorer and Microsoft is looking into them, or perhaps through them. According to Russ Cooper of TruSecure, two of the holes are critical vulnerabilities which could permit an attacker to remotely execute malicious programs.
So taking those issues into account Microsoft's new strategy seems to be don't release any updates. As usual we will investigate further to see what Microsoft has to say about the matter.
[/blockquote]
Source - [link=http://www.neowin.net]Neowin[/link]
[blockquote]In Microsoft's own words:
"In response to extensive customer feedback, Microsoft is implementing changes in the way security bulletins are released. These changes will help enhance the manageability and predictability of the patch management process for customers. Security bulletins will normally be released on the second calendar Tuesday of every month. However, the first monthly bulletins will be released on Wednesday, October 15, 2003."
That would be fine if there were no any outstanding issues...
...but there are - A CHINESE RESEARCHER has discovered 7 new security holes in Internet Explorer and Microsoft is looking into them, or perhaps through them. According to Russ Cooper of TruSecure, two of the holes are critical vulnerabilities which could permit an attacker to remotely execute malicious programs.
So taking those issues into account Microsoft's new strategy seems to be don't release any updates. As usual we will investigate further to see what Microsoft has to say about the matter.
[/blockquote]
Source - [link=http://www.neowin.net]Neowin[/link]
0
Comments
Gotta love rampant hipocrisy, Microsoft releases regular security updates and advisories, everyone bitches that their products are not secure and thats why they do, then, one month they release no updates or advisories and we get people (like above) bitching that Microsoft is now doing less, give me a break :rolleyes2
It seems in this instance the simple fact that Microsoft is in the process of upgrading and altering its security update release strategy isn't enough to grab people's attention for news. However I think the guys over at Neowin have a point, as if indeed there are holes needing plugged, why can't Microsoft upgrade and patch at the same time?
Just for the record;) , it wasn't my intention to come across as bitching about Microsoft, those header paragraphs I write, I use to simply try and sum up the source report not put across my own opinions on the subject.:)