MS Patch Day: Can 1 Bulletin Hit the Spot?
Ryan Naraine writes in eWeek:
Microsoft on Thursday announced plans to ship one security bulletin on Tuesday, Sept. 13, to provide patches for a "critical" flaw in its Windows operating system.
As part of its advance notice mechanism, the Redmond, Wash.-based software giant said the security update will require a restart and can be detected with the MBSA (Microsoft Baseline Security Analyzer) tool.
The solitary bulletin will give IT administrators a temporary respite from patching—especially after the clean-up from the recent Zotob worm attacks—but to many in the security research community, it underscores Microsoft Corp.'s sluggish approach to addressing known security vulnerabilities.
eEye Digital Security, a private research firm with headquarters in Aliso Viejo, Calif., maintains a Web page of Upcoming Advisories that have been validated by software vendors.
Next Tuesday, when Microsoft ships the Windows update, one of the eEye-discovered flaws will be 108 days overdue.
posted by Fergie @ 9/08/2005 04:41:00 PM
0 Comments:
Post a Comment
<< Home