FW: Microsoft issues 51st security bulletin of the year

[InfoSec News <isn () c4i org>]

Forwarded from: "Aaron Wilson" <AWilson () elabor com>

For those who are paying attention. "Patching" an antivirus program is
not fixing a hole, it's adding to a signature definition so the
program knows what a virus looks like. Microsoft, Sun, Mac, or any
other software company that produce "Security Patches" for their
products are fixing holes. Big gaping ones. Some you could drive a bus
through.

Point being, Microsoft has market share of product, and spotlight.

Aaron

+---------------------------------------------+
| These are my opinions, and not those of my  |
| employer, eLabor, Inc.                      |
+---------------------------------------------+ 

-----Original Message-----
From: InfoSec News [mailto:isn () c4i org]
Sent: Monday, September 23, 2002 11:27 PM
To: isn () attrition org
Subject: RE: [ISN] Microsoft issues 51st security bulletin of the year 


Forwarded from: Rob Rosenberger <junkmail () barnowl com>

  >>Almost one and a half vulnerabilities a week for
  >>those of you keeping score at home.

You mean for all Microsoft products combined, right?  How does it
compare to ONE product from any large antivirus vendor?

C'mon, Bill.  How many antivirus patches did you install this year
alone? How many times did you plug security holes in McAfee or Norton
or Sophos? Do the people around you instinctively click the "download
the latest antivirus security patches now" button when CNN announces a
new virus?

Why do security experts consistently use the plural form of "patch"
when they talk about antivirus software?

Shallow-thinking security experts chide Microsoft and applaud
antivirus vendors for doing exactly the same thing.  And Microsoft
ONLY does it ~1.5 times per week for all of their products combined!  
No wonder Bill Gates envies the antivirus industry...

Rob



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.