Slashdot Mirror
Visual Studio .Net: Now with more Viruses
News.com breaks the story (and 8000 readers submit) that Microsoft distributed Nimda-infected copies of Visual Studio .Net in Korea. I don't even know what to say here; nothing seems adequate, except to point out that "trustworthy computing" does not seem to have had any effect whatsoever. News.com just updated their story to point out that it probably won't infect the people who installed Visual Studio .Net, but it's still a rather nasty faux pas for a company that's supposed to be cleaning up its act.
I mean, come on, anyone ELSE see this as similar to when the Cult of the Dead Cow released Back Oriface 2000 with CIH preinstalled? :)
Seriously, before any of the "OH ITZ M$, THY SUXX!!!1111" posts come out, lets be honest. Any company can make that mistake. It takes a special moron in Quality Assurance to release that one.
I have to ask though... what would YOU do if you were MS in this case?
--- Ãther SPOON!
And yet they still argue that "theoretically" open source is the bigger security threat.
For the love of God, vote Nader.
If you're in the software biz (and serious about it), you ALWAYS scan a new release with anti-virus software before you let it out the door.
ALWAYS.
It's easy, it's prudent and it keeps you from getting nasty PR.
MS isn't the first to get caught this way (in fact, didn't this happen once before?) and it's cheap to learn from someone else's mistakes.
Has anyone ever heard of the following:
Secured Development environment?
Anti-Virus Software??
Don't they run A/V software on the development workstations and servers?
At least an aggressive manual scan before packaging seems a good idea.
See here for details.
Nope, no sig
Something about how Open Source software could have a virus on it?
Most of the time that MS uses a third-party company, that company screws up. My question is, who exactly is in charge of seeking out and contracting with those companies? Fire him big time.