Microsoft Admits to Hiding Flaw Details
Spongeform writes "eWeek has an interview with a Microsoft security official admitting to hiding details on software vulnerabilities that are discovered internally. The reason? Microsoft believes that full disclosure of every security-related product change only serves to aid attackers. However, companies using host-based IPS that rely on flaw information to build signatures are basically left at risk because of Microsoft's silent fixes."
I'm not outta order! You're outta order! The whole freakin' system's outta order! You want the truth? You want the truth? You can't handle the truth! 'Cause when you reach over and stick your hand into a pile of goo that used to be your best friend's face! You'll know what to do forget it Marge it's Chinatown!
"I'm going to f***ing bury that guy, I have done it before, and I will do it again. I'm going to f***ing kill Google"
However, companies using host-based IPS that rely on flaw information to build signatures are basically left at risk because of Microsoft's silent fixes.
Users who refuse to install Microsoft security patches are left vulnerable to security holes in Microsoft products they use!? Scandalous!
The shareholder is always right.
Billy: According to my calculations every hacker will eventually run amok with the killing and the scripting and the botnetting...
Ballmer: My God Bill, when will this happen?
Billy: In exactly 24 hours! (hackers immediately start posting 0day exploits) Oh dear, I forgot to carry the one.
"I'm going to f***ing bury that guy, I have done it before, and I will do it again. I'm going to f***ing kill Google"
What you have to understand, what the American people have to understand, is that we're at war. The fact that we're talking about these vulnerabilities simply emboldens the enemy.
"Flawlessness" is unattainable. No intelligent design team would aim for it. But reasonable security via a reasonable effort is certainly attainable. UNIX is proof. ;-)
Please, let's not start THAT old discussion here, as if the evolution team makes such flawless products.
Exercise caution when modding this message up: the author acts like a jerk when his karma is excellent.
After all, if they put up the code that has the bug in it for every bug found, people could piece together the entire Windows source code!