Slashdot Mirror

← Back to Stories (view on slashdot.org)

Why Can't Microsoft Just Patch Everything?

Posted by Zonk on from the they-need-more-cookies dept.

paneraboy writes "If smaller software companies can patch all of their bugs serious or minor, ZDNet's George Ou asks, why can't Microsoft -- with its massive army of programmers and massive budget -- patch all of its vulnerabilities? Had Microsoft fixed a low risk browser vulnerability six months ago, perhaps we could have avoided last week's zero-day exploit. Currently, more than two dozen Windows XP issues remain unpatched. Ou thinks Microsoft ought to fix them all." From the article: "Almost 4 years after the launch of Trustworthy Computing, I found myself wondering why am I staying up till 4:00 AM to deliver an emergency set of instructions (Home and Enterprise) to my readers because Microsoft felt it unnecessary to patch a flaw six months ago that was originally low risk but mutated in to something extremely dangerous."

15 of 640 comments (clear)

  1. Well ... by SpooForBrains · · Score: 2, Funny

    To paraphrase a certain mercenary, where's the percentage in that?

    --
    "The dew has clearly fallen with a particularly sickening thud this morning"
  2. Doesn't he know? by AEton · · Score: 5, Funny

    Issuing patches is dangerous.

    Every time Microsoft patches its software, hackers use their patches to discover security holes and to issue exploits!

    But when they don't patch their software, no bad guys notice these vulnerabilities. In fact, no virus or worm has *ever* exploited a vulnerability before a critical update was released!

    Duh.

    --
    We recently had heard in the office over one of the Yellow Machine that's made by Anthology Solutions.
  3. Eureka! by PowerBallad · · Score: 2, Funny

    I can hear Microsoft execs right now: "Well when you put it that way...why didn't we think of this before?"

  4. Obligatory tinfoil hat by Bombula · · Score: 5, Funny
    From some Bond movie (Tomorrow Never Dies?):

    "What's the status of our new software?"

    "Ready for launch Mr Carver, and - as requested - it's full of bugs, so people will be forced to upgrade for years."

    "Delicious."

    /not serious... no, seriously.

    --
    A-Bomb
  5. Becaue they're too busy.... by Anonymous Coward · · Score: 1, Funny

    patching the holes in Ballmer's walls from all the flying chairs.

  6. Re:Good ole' 2002 by rd4tech · · Score: 2, Funny

    no, I didn't mean that ;)

  7. zero-day by supergiovane · · Score: 2, Funny
    Had Microsoft fixed a low risk browser vulnerability six months ago, perhaps we could have avoided last week's zero-day exploit.


    Maybe it should be named zero-year exploit.

    --
    Signatures are for stupids.
  8. Michael, Row the OS Ashore by dexter+riley · · Score: 5, Funny

    Attention all hands! Abandon metaphor! ABANDON METAPHOR!!!

    Though I must admit, it gives new meaning to "software piracy". Ahrrrrrrrr.

    1. Re:Michael, Row the OS Ashore by EvanED · · Score: 2, Funny

      Reminds me of a Daily Show clip from the democratic convention:

      Stewart: "[Bill] Clinton also became speaker number 683 to mention Kerry's naval service:"

      Clinton: "Since we're all in the same boat, we should choose a captain of our ship who is a brave, good man, who knows how to steer a vessel through troubled waters, to the calm seas and clear skies of our more perfect union."

      Stewart: "Saying 'ahoy' to prosperity. Ending our economic scurvy... with the oranges of fiscal responsibility. Kerry's the right man to lead (pirate-like 'arr') country."

  9. Re:I ask the same question by MouseR · · Score: 4, Funny

    No, OSS is not free of bugs

    But their bugs are free.

  10. Re:Seems like some people don't understand coding by mmjb · · Score: 5, Funny
    Of course, if the base design philosophy is flawed to begin with, even if they could "patch everything" the would likely be better off rewriting from the ground up.
    Outstanding idea!

    1. Base it on tried and tested code. Maybe supply the source code for the world's programming talent to see if there is anything wrong with it. Also encourage help with new projects.

    2. Give it a snappy name - words ending in an "x" always sound cool.

    3. Oh - and it would need a logo - maybe from the animal kingdom?

    4. ...

    5. Profit! (Oh - wait...)
  11. Patches don't generate revenue by MyOtherUIDis3digits · · Score: 2, Funny

    "All of our products now certified 'Good Enough'(tm). The new version will fix (insert issue here) anyway."

    On a related note, don't you just love the dinosaur ads MS is now using. "Still using Office 2000?!? What a relic you are! You ever heard of the dinosaurs? Well that's you if you don't upgrade RIGHT NOW! Also, the 'Good Enough'(tm) guarantee expires the day the new version comes out."

    --
    Ignore anything I said above, I actually agree with everything you believe - mod accordingly.
  12. Re:Seems like some people don't understand coding by js3 · · Score: 4, Funny

    preach on brother!

    that OP question is a dumb as "why can't the US kill all the terrorists? with their large army and all their technology?". We'll put in the same bin as "why can't you marry britney spears" and "why can't you quit your job and become a scuba diver"

    --
    did you forget to take your meds?
  13. and lose the weekly free advertising? by wardk · · Score: 2, Funny

    if they "patched everything", then they would need to find an alternate source of their weekly worldwide exposure. as we know, even bad news can be good news, it's getting your name out there that's important.

    also, the constant need for patches allow them to feel they are still relevent.

  14. Re:Maybe still denying the root problem by Dracos · · Score: 2, Funny

    ActiveX is one HELL of a typo.