| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Plugging The Holes In Windows | |
|
||
| Time: 04:41 EST/09:41 GMT | News Source: Forbes.com | Posted By: Alex Harris | ||
|
In recent weeks, anyone running PCs or servers with Microsoft Windows has had to contend with the threat of rampaging worms that might invade their systems if they aren't careful. This week Microsoft revealed that its users had to plug no less than five security holes--one nasty, the others not so--in various versions of its software. For the world's biggest software company, security issues are turning into the topic that never seems to quiet down. Home users are finding they have to install software patches more frequently than before. For corporate IT managers, the frequent updates mean they have to contend with the logistical challenge of ensuring that hundreds or thousands of Microsoft users are installing the right patches, and then making sure those patches don't interfere with existing software applications. Of the five vulnerabilities announced Wednesday (that's the day of the week that Microsoft announces vulnerabilities), only one was truly serious. And the fact that Microsoft even bothered to announce them at all shows that changes are under way in Redmond, Wash. While it may look like a security train wreck to outsiders, security analysts generally say Microsoft has come a long way in dealing with the holes, backdoors and viruses that seem to constantly pop up. But they also say it has a long way to go. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 318 Last | Next |
The time now is
5:20:35 AM
ET.
Any comment problems? E-mail us |
| #1 By 8589 (65.71.65.165) at 9/7/2003 10:08:31 AM |
| Not true for everyone. My computer gets updates from Symantec all the time. If a new strain of virus or worm come out, I don't check my email until my system has been inocculated. Just some common sense and a great anti-virus program that is kept upto date, can keep a system virus,trojan and worm free. |
| #2 By 1896 (68.209.99.21) at 9/7/2003 11:51:25 AM |
| #4 you compare two completely different scenarios: home users buy a computer from a manifacturer and then handle it. If you are managing 500 + workstations you are an IT manager and you are paid to do that. Being an IT manager is a job; you study and pass exams to get certified. It is quite easy to keep a personal computer safe today: buy a good AV software and enable it to update itself and automatically scan your system; use common sense and not open .exe or other potential dangerous files unless you know the sender and you were expecting those files; if you get broadband use a firewall. |
| #3 By 9589 (66.57.63.97) at 9/7/2003 3:13:51 PM |
|
Acutally #4, I'll bet that my tens of thousands of corporate workstations and thousands of servers are more up to date in terms of patches and AV pattern files then any group of home computers. We use Microsoft's System Mangement Server 2.0 to deliver fix packs, patches, security updates, ets. We use Trend Micro's Scan Mail for Exchange, ServerProtect for our other servers and Office Scan for workstations.
We do a certain amount of testing before loading up SMS to distribute the latest patch. But, that is made easy by allowing only three base images across the enterprise depending on what division you are in. Once these three images appear stable after an install and testing of a patch, they are released. I always laugh when I hear that this virus or that bug caused so many zillions of dollars of damage. I say bring'em on. It doesn't cost one dollar more when these outbreaks occur. We would still have a defense in depth (firewalls, intrusion detection, AV, and auditing) and people to manage that defense. We would still deploy updates to our software - what's a few more updates? What I think every professional in this industry - heck, anybody that owns a computer - has to stop doing is blame the software vendors and start blaming the criminals that are putting this crap out. Then, petition their representatives to get tough with these miscreants and put them behind bars for a very long time. |
| #4 By 6253 (12.237.219.240) at 9/7/2003 4:05:35 PM |
|
#4, I keep way more than 500+ workstations patched in my sleep. SUS has been available for download for more than a year. It's so ridiculously easy, safe, and free that you should be ashamed to call yourself "consultant." I'll bet you're the type who believes that a "deployment plan" for Office consists of running d:\setup from a CD-ROM, 500 times.
|
| #5 By 16451 (65.19.16.154) at 9/7/2003 6:12:46 PM |
|
#8 >>> SUS has been available for download for more than a year
Yeah, and it works great, that is, as long as you don't want to download service packs, driver updates, ot third party updates, or want to update in any way, shape, or form a "legacy" platform. |
| #6 By 16451 (65.19.16.154) at 9/7/2003 6:18:48 PM |
|
#7 >>> my tens of thousands of corporate workstations and thousands of servers
>>> this virus or that bug caused so many zillions of dollars of damage >>> It doesn't cost one dollar more when these outbreaks occur By all means, please don't downplay the truth for our benefits |
| #7 By 11888 (64.230.72.167) at 9/7/2003 6:27:47 PM |
|
It's so bizarre to see people making up excuses for a corporation that took their money and in exchange gave them a bug riddled heap of compiled code.
I'm trying here, but I can't come up with anything. Can anyone think of any other consumer product that they've paid for that was miserably defective but they insisted to others that it was great? This post was edited by MrRoper on Sunday, September 07, 2003 at 18:28. |
| #8 By 61 (24.92.223.112) at 9/7/2003 7:02:58 PM |
|
MrRoper: I have very few problems with Windows (no serious ones).... but there are problems/bugs in EVERY piece of software, it's not just something that happens at Microsoft.
Microsoft issuing a patch is just like a manufacturer issuing a recall on a product that has a defect that was'nt found until after production. trw: All I can say is quit blamming Microsoft for fixing a problem and blame the company that made your video software for not issuing THEIR patch. It is not Microsoft's responsibility, or any companies responsibility, to make sure that all application developers are keeping things up to date. This post was edited by CPUGuy on Sunday, September 07, 2003 at 19:38. |
| #9 By 2459 (69.22.92.164) at 9/7/2003 7:41:38 PM |
|
Can anyone think of any other consumer product that they've paid for that was miserably defective but they insisted to others that it was great?
MS' software is no more "defective" than any other software on the market. All software of any complexity is going to have bugs or intended functionality that works differently from what some people expect. Look at MacOS and *n*x for non-MS examples. Apple's new dependence on Unix, not to mention new platforms from others being built on top of *n*x code, has made those platforms more vulnerable to exploits than otherwise because they inherit many of the same holes that existed in the original code used to create their new software. Many embedded devices like cellphones have buggy software, and many more people pay for those than for Windows. Even games have had vulnerabilities and exploits. Some Linux users could be running exploited code or using exploited source right now. Security or code quality of other platforms is no better than MS. The main difference is that most other platforms aren't worth building an exploit for because of the musch smaller number of users and consequently lower possible damage, and because when the other platforms are exploited, there usually isn't as much publicity. Unless you go to a site like Security Focus or the vendor's security page (assuming one exists), you'd likely never know about the exploit. MS is seeking to reduce their attack surface using .NET and NGSCB, both of which will be available in the next Windows release (2k/XP features have been mentioned in previous posts). What are others doing to limit their security problems besides pointing out MS' problems to take the attention away from their own (FreeBSD has implemented ACLs and jails)? |
| #10 By 1845 (12.209.152.69) at 9/7/2003 8:29:08 PM |
|
tw: Perhaps you should look at yourself for a sec. You attacked first. You provided no evidence. You sounded like a fool. Whatever opinions you receive back, you deserve. In simpler terms: Pot, kettle, black.
Consultant: Hmm, perhaps you should do the same as tw. "Try keeping 500+ workstations all up to date!!" What's the implication here? The implication is that it is oh, so difficult. You're the one eating piss-soaked Cheerios. jdhawk and holedup were simply pointing out that your moaning and groaning was hyperbole. Any admin worth his paycheck can easily manage a network 20x your size, yet you moan. If all you were trying to say was that corporate life is different from home life you should have said, "corporate life is different from that of a home user." MrRoper, I don't know about you, but my "bug riddle heap of compiled code" has allowed me to make a few hundred thousand dollars, my employers several million, and many other corps tens and hundreds of billions. I'd rather have Windows than a piece of paper. Paper is about the only means of communicating that won't have vendor bugs. You won't get spell check, grammar check, watermarks, archiving, automated backup, or even close to instantaneous delivery to people on the other side of the earth, but you wanted bug free, didn't you? This post was edited by BobSmith on Sunday, September 07, 2003 at 20:31. |
| #11 By 1845 (12.209.152.69) at 9/7/2003 10:29:59 PM |
| Your post contained profanity. That's probably what it was removed. |
| #12 By 9589 (66.57.63.97) at 9/9/2003 12:24:49 AM |
|
#24, trw, the problem you are having may be because you haven't upgraded the chip set for your hardware (this should be available at the vendor's support site under the make/model of the computer that you purchased). When we changed vendors a couple of years ago from IBM to Dell, we initially had several inexplicable problems with our then, Windows 2000 based workstation images. We ensured that we incorporated the chip set update in our image "build" and all was well.
I hope that helps. |
|
Write Comment
Return to News |
Displaying 1 through 25 of 318 Last | Next |
The time now is
5:20:35 AM
ET.
Any comment problems? E-mail us |
