Ah, another insightful comment from mOOzilla.
If you had read the article, you would see that Microsoft is trying to make large-scale administration tasks easier. Releasing patches haphazardly makes it very difficult for IT admins to schedule downtime and schedule patch distribution on their networks.
A monthly patch release, coupled with the idea of "securing the perimeter" so that patches don't need to be applied because the vulnerable services aren't enabled by default, or are blocked via firewall, will help admins keep up to date with their patching and will make computing more secure as a whole.
The fact of the matter is that most, if not all, of the major exploits that show up for vulnerabilities in Windows don't show up for quite a while after the problem is discovered. I can't recall the last time a worm or virus took advantage of a Windows hole that hadn't been patched for at least a month.
The exception to this rule is the IE exploits, which have been around for months without Microsoft doing a whole lot about them. I realize (thanks to some of you here) that it's possible to lock down IE so that it is pretty secure, even without being patched, but I use Firebird anyhow. :-)