Re: Microsoft announce most secure OS on the planet

[security curmudgeon <jericho () attrition org>]

On Wed, 15 Apr 2009, Larry Seltzer wrote:

: For the sake of argument, and in their defense, none of yesterday's 
: vulnerabilities apply to IE8, and the IE vulnerabilities all exploit in 
: the context of the logged-in user which, in Vista, is likely to be 
: less-privileged (unless the user/admin is a doofus)

For the sake of common sense, what is the distribution of IE8? The fact is 
every few years Microsoft releases a new version of Windows, calling it 
the most secure OS (ever|yet|etc). They claim this along with "no 
vulnerabilities reported" after a short beta period and no open testing of 
the product. Months pass and the vulnerabilities start rolling in and we 
learn that the SDLC is still problematic and Windows (any version) still 
contains too much legacy code.

It's amazing how no one seems to really take MS to task over this old and 
boring pattern.

: Larry Seltzer
: eWEEK.com Security Center Editor

http://www.eweek.com/

Featured Video: How Well is Your Dell Protected - Windows server 2008 
provides enhanced and new security features that protect information while 
simplifying security management.


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.