October 13, 2009 by openbytes
Today, its being reported that Microsoft has released it’s largest batch of patches for its Windows platform. Dubbed “Patch Tuesday” Microsoft are releasing fixes for many vulnerabilities.
The most noteable one of these is a series of 8 different bugs within the GDI component of Windows, consequently affecting Vista, XP, Server 2003 + 2008 and its .Net framework to mention a few. Its being reported that fixes to 34 vulnerabilities are being released which does beg the question, how much faith do you have in the security of Microsoft products? Sure they have released patches to exploitable holes, but how many more are they and why (in the case of XP) is the system still proving vulnerable after all this time?
Never let it be said that Microsoft doesn’t offer a wide selection of vulnerabilities and exploits in its software. How many more vulnerabilities and exploits have yet to be found? In this age of online crime just how many more warnings do Windows users need? It’s often argued that Linux is more secure only because its market penetration is smaller. Whilst to some extent that may be true, in my opinion the fact remains it still is the securer platform. Time to look elsewhere? With one of the vulnerabilities allegedly being targetted by cyber criminals in the last week, one has to wonder how much longer Windows users will take the risk online.
Allegedly 2/3rd’s of the patches have been listed by Microsoft as “critical” which is Microsofts designation for the most serious rating. The Washington Post quotes Taylor Reguly of nCircle as saying:
Again we see a month of client-side issues in almost every major Microsoft product….whether you run Office, Windows Media Player, Internet Explorer, .NET or just Windows itself, there’s a vulnerability for you
Prior to the security patches being released, Jerry Bryant of Microsoft made an announcement:
Usually we do not go into this level of detail in the advance notification but we felt that it is important guidance so customers can plan accordingly and deploy these updates as soon as possible
and even the most devoted (IMO) of Microsoft advocates (and a person we have crossed paths with before) Andre Da Costa seemed to be waiting with baited breath for this update when he said on his Twitter:
I crave Patch Tuesdays
and with the list of fixes to potential exploits in Windows, you can understand why.
Goblin – firstname.lastname@example.org