Slashdot Mirror


MS Security Chief: Windows Never Exploited Until Patch Available

BenBenBen writes "The head of Microsoft's security business and technology unit states that Windows is never vulnerable until a patch appears, and that releasing patches is what causes exploits to be developed. Good quotes: 'We have never had vulnerabilities exploited before the patch was known', and '[he] could only think of one instance when a vulnerability was exploited before a patch was available'. Erm..."

31 of 1,040 comments (clear)

  1. Oh really? by ChaoticChaos · · Score: 5, Funny

    "The Earth is flat."
    "The Sky is green."
    "Earth is the center of the universe."

    Other ridiculous statements that have also been proven false.

    So, let me get this straight, Windows will become more secure if Microsoft stops issuing patches? :-)

    Sakes alive, the Microsoft spin machine has been well oiled this morning!

    ChaoticChaos
    "If Windows wasn't vulnerable until the patch was released, why was the patch released in the first place???"

    1. Re:Oh really? by dingbatdr · · Score: 5, Funny

      In other news, Microsoft announce that cause and effect are reversed when it comes to their software.

      "We think it is due to our patented time-traveling module," quips Steve Balmer.

      --
      The truth is an offense, but not a sin.------R. N. Marley
    2. Re:Oh really? by FrostedWheat · · Score: 5, Funny

      "We think it is due to our patented time-traveling module," quips Steve Balmer.

      It's true! I was copying a file over the LAN the other day, and IE said it had -8342563246 seconds to go!

      Microsoft Time (C)(R)(TM)
      Where do you want to go yesterday?

    3. Re:Oh really? by hcetSJ · · Score: 5, Funny

      Next big thing in computers: the then-if statement! Available only on Microsoft products, certainly.

      --

      This side up.
    4. Re:Oh really? by tmasssey · · Score: 5, Funny
      You mean like INTERCAL? How can you live without a COME FROM statement?

    5. Re:Oh really? by ssbljk · · Score: 5, Funny

      in the beginning there was Windows ... and it was secure ....

      then we downloaded damn patch :(

      --
      /ss
    6. Re:Oh really? by mpe · · Score: 5, Funny

      Sakes alive, the Microsoft spin machine has been well oiled this morning!

      They must have had a delivery of snake oil :)

    7. Re:Oh really? by Short+Circuit · · Score: 5, Funny

      It's called sweeping it under the rug. Until, of course, someone trips over the raised rug or sees dust puff out when the rug is stepped on.

    8. Re:Oh really? by zelurxunil · · Score: 5, Funny

      Perhaps it can be reverse engineered...

      --

      What's another word for Thesaurus?
      -Steve Wright
    9. Re:Oh really? by jocknerd · · Score: 5, Funny

      Wouldn't Microsoft's Security Chief be a marketing guy? He obviously doesn't have anything to do with security.

    10. Re:Oh really? by Short+Circuit · · Score: 5, Funny

      One of the reasons I love Perl is that the following line of code works:

      open ( PERLYGATES ) or die "Trying";

    11. Re:Oh really? by Zixia · · Score: 5, Funny

      There has never been an expoit without a patch. Just the one.

      One! One exploit without a patch, and that other one against Internet Explorer.

      Okay, two exploits without a patch. Unless you count the many against Outlook Express.

      AMONGST THE EXPLOITS WITHOUT A PATCH ARE... Can we start the interview again?

    12. Re:Oh really? by Lobo_Louie · · Score: 5, Funny

      This reminds me of a Knowledge Base link I saw on M$'s website about 3-4 years ago. I'm paraphrasing here: Warning, your password must be 324,322,322 characters long and must not match any of your last 324,234,234 passwords. The URL made the rounds in couriels *. * excuse my french!

    13. Re:Oh really? by andrew_0812 · · Score: 5, Funny

      Not yet, it hasn't been patched...

    14. Re:Oh really? by Oyvind+Eik · · Score: 5, Funny

      [cheapo] haha, this screen appeared on my windows that said "time before shutdown: 60 seconds"
      [cheapo] so i turned the windows clock 2 years backwards and now it says "time before shutdown: 729 days" :D:D
      [cheapo] i just love windows :D

      [#227455]

      Windows has a great sense of humor. :-)

    15. Re:Oh really? by qcomp · · Score: 5, Funny
      No... I think what they are trying to say is that *after* a patch is released and a description of the exploit is given, mal-ware writers then run off and use this description to write mal-ware to take advantage of folks who haven't applied the provided patches.

      exactly, so MS shouldn't patch any holes in the first place, then no malware would be written and everyone would live happily ever after

    16. Re:Oh really? by Anonymous Coward · · Score: 5, Funny

      .well patterns-thought my reflect t'don theY .language other any to used got never I !language programming first my was ITERCAL ?funny modded this was whY

    17. Re:Oh really? by mino · · Score: 5, Funny

      Running screamingly offtopic, but when it comes to all-time best KB article headlines, here's yer winner:

      Earth Rotates in Wrong Direction

  2. Criminal tools like "diff"? by RobertB-DC · · Score: 5, Funny

    He said tools were available that compared patched and unpatched versions of Windows to help vandals and criminals work out what was different.

    "The guys who write the tools would not consider themselves to be criminals by any measure," he said, "but the tools are also being picked up by people with criminal intent."


    I guess that explains why Windows doesn't include a "diff" function...

    --
    Stressed? Me? Of course not. Stress is what a rubber band feels before it breaks, silly.
  3. In other news... by daeley · · Score: 5, Funny

    In related news, the Mayo Clinic has announced that if we eliminated cancer treatments, we would eliminate cancer.

    --
    I watched C-beams glitter in the dark near the Tannhauser gate.
  4. So... by Niles_Stonne · · Score: 5, Funny


    So, instead of poor programming it's incompetent management?

    --
    Sticks and Stones may break my bones, but copyright will always protect me.
  5. Must have a good source for that stuff... by ackthpt · · Score: 5, Funny
    Malicious hackers and vandals are lazy and wait for Microsoft to issue patches before they produce tools to work out how to exploit loopholes in Windows, say experts.

    I love how people with vested interests are called 'experts'

    thhhhhhhhhtttt *choke* *gag* "ahhhhhhh" So as I was saying, hackers haven't found any of these flaws and exploited them before they were patched. Man, this is some strong crack, I almost believe what I said, myself"

    And how do these fine experts actually know there aren't, at this moment, flaws being exploited left and right? Ah, they're experts, of course!

    --

    A feeling of having made the same mistake before: Deja Foobar
  6. What the Fuck? What the Fucking Fuck Fuck? by Tackhead · · Score: 5, Funny
    > 'We have never had vulnerabilities exploited before the patch was known'

    "Bullshit" doesn't begin to do justice of the level of falsehood present here. We're talking about taking the very essence of falsity, distilling it over the flames of ignorance, condensing it within intestinal walls of monumentally bovine intellectual apathy and sponsoring a college kegger with the elixir-excremento obtained therefrom.

  7. XP = Legacy? by La+Camiseta · · Score: 5, Funny

    "Almost all attacks against our software are against the legacy systems," he said.

    So is that what they're calling WindowsXP now?

  8. Iraqi Information Minister working for MS? by ageoffri · · Score: 5, Funny
    Wow looks like Microsoft has hired the Former Iraqi Informaiton Minister.

    "The infidels packets are slaughtering themselves at the ports to our OS"

    "There are no exploits against windows, they are all lies from the so called Open Source community"

    "We removed the Windows Update site to better serve our loyal followers."

    --
    -- Slashdot, making the Left look conservative since 1997.
  9. Re:Piffle by Erratio · · Score: 5, Funny

    Yeah...I hate paying for those damn Linux upgrades.

    --
    I don't try to be right, I just try to make people think
  10. Re:Piffle by Bombcar · · Score: 5, Funny
    How many people do you know that are still running 2.0.34?


    Those people are Amateurs.

    The latest kernel is 2.0.40, as everyone should know.

    [/sillyness]
  11. Re:Piffle by rholliday · · Score: 5, Funny

    "Almost all attacks against our software are against the legacy systems ..."

    Am I the only one who remembers a few exploits that 95/8 were immune to because of innovations in new OSs? I mean, just a little thing like MS.Blaster. Probably didn't make the news ...

    --
    Xbox reviews.. We think they're funny.
  12. In related stories by AtariAmarok · · Score: 5, Funny

    In related stories, it has been revealed that firemen cause fires, policeman cause crime, and the good folks at Symantec have written all the viruses.

    Film at 11:00 (just after the anchorman tells us about all of the muggings he committed).

    --
    Don't blame Durga. I voted for Centauri.
  13. Could this mean... by jellomizer · · Score: 5, Funny

    Could the mean that Microsoft as a Business exists moving in time backward. This explains Microsoft quick profits and good business decisions back in the 80's and over now in the 2000's a younger and less experience Microsoft is making more mistakes. and having a little more competition to deal with.

    I don't know about you but I confused myself.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  14. Re:only Microsoft finds exploits by Necrobruiser · · Score: 5, Funny

    **"Only Microsoft finds exploits"**

    Or is it the other way around ?

    say [pun]"Only Microsoft exploits exploits"[/pun]...


    I think the other way around would read "Only exploits find Microsoft."
    Seems more probable that way...

    --
    "I planned within my means and got a fixed rate mortgage, so where's MY bailout?" -cafepress