On Mon, 6 Aug 2001, Bernard Robertson-Dunn wrote:
> >Code Red puts Microsoft in hot seat
> >By Dan Verton
> >6 August, 2001 8:37
> >Washington, U.S.
>
> Sorry. As Roger pointed out, I forgot to include the URL:
>
> http://computerworld.idg.com.au/idg2.nsf/All/569E5B4834D33EC74A256A9D00760EBC!OpenDocument&n=Sections&c=Networking
In that article:
"Microsoft issued 100 security bulletins last year related to its software and 42
so far this year, according to information on its Web site. "
Those numbers are far too low. MS only publishes bulletins for exploits for which
it has a fix. If one follows BUGTRAQ and other security alert services, MS has been
informed of many more exploits than the 142 touted above, but often fails to
take action. Such exploits are *not* found on their website, and reportage like
the above misleads the uninformed customer who would assume that only 142 exploits
have been discovered in all of MS's products in the past 18 months. Balderdash!
Rgds
Rick W
_____________________________________________
Rick Welykochy || Praxis Services Pty Limited
"Those who do not understand Unix are condemned to reinvent it, poorly."
- Henry Spencer
This archive was generated by hypermail 2.1.1 : Fri Aug 31 2001 - 03:10:03 EST