Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] [Rival] Microsoft Biased 'Study' Stings Its Own Rear

  • Subject: [News] [Rival] Microsoft Biased 'Study' Stings Its Own Rear
  • From: Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx>
  • Date: Fri, 22 Jun 2007 13:11:40 +0100
  • Newsgroups: comp.os.linux.advocacy
  • Organization: Netscape / schestowitz.com
  • User-agent: KNode/0.10.4
Microsoft Better at Patching XP Than Vista

,----[ Quote ]
| A Microsoft Corp. security executive released data Thursday showing that, 
| six months after shipping Windows Vista, his company has left more 
| publicly disclosed Vista bugs unpatched than it did with Windows XP.
|
| [...]
|
| "This is an apples-to-oranges comparison," said HD Moore, one of the hackers 
| behind the popular Metasploit penetration testing toolkit. "If you want a 
| more accurate view, try comparing the number of flaws between 
| Microsoft-developed software and vendor-X-developed software. Most Linux 
| vendors don't actually write the majority of the packages they include," he 
| said via e-mail.     
|
| "Alternatively, force Microsoft to include all vulnerabilities in common  
| third-party software," he added. "For example, the thousands of exploitable 
| ActiveX controls that... vendors include with a Windows system." 
`----

http://news.yahoo.com/s/pcworld/20070622/tc_pcworld/133308

Recall the CRN lab test which showed that Vista offers no real improvements
over Vista as far as security goes.


Related:

Microsoft is Counting Bugs Again

,----[ Quote ]
| Sorry, but Microsoft's self-evaluating security counting isn't really a 
| good accounting.
| 
| [...]
| 
| The point: Don't count on security flaw counting. The real flaw is 
| the counting.
`----

http://www.microsoft-watch.com/content/security/microsoft_is_counting_bugs_again.html?kc=MWRSS02129TX1K0000535

Skeletons in Microsoft’s Patch Day closet

,----[ Quote ]
| This is the first time I’ve seen Microsoft prominently admit to silently 
| fixing vulnerabilities in its bulletins — a controversial practice that 
| effectively reduces the number of publicly documented bug fixes (for those 
| keeping count) and affects patch management/deployment decisions.   
`----

http://blogs.zdnet.com/security/?p=316


Beware of undisclosed Microsoft patches

,----[ Quote ]
| Forget for a moment whether Microsoft is throwing off patch counts 
| that Microsoft brass use to compare its security record with those 
| of its competitors. What do you think of Redmond’s silent patching 
| practice?
`----

http://blogs.zdnet.com/microsoft/?p=527

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index