The Third-Party Patching Conundrum

An anonymous reader writes, "The Zero Day Emergency Response Team, or ZERT, stepped out of the shadows a week ago to offer a quick patch for the Microsoft VML vulnerability. eWeek reports that reactions to third-party patches have been mixed. Jesper Johansson, a former Microsoft security consultant, said 'I will not use the unofficial patch, nor can I think of anyone I would recommend it to.' ZERT has enrolled former White House IT security expert Marcus Sachs as a spokesman of sorts. He told eWeek, 'This patch is just another arrow in the quiver. These guys are some of the best-known reverse engineers and security researchers. It's a tight-knit group that has worked for years to make the Internet a safer place. This isn't a patch created by some guy in a basement.' And while MS did release an out-of-band patch this week for XP, ZERT releases updates for operating systems that are out of MS support: Windows 98, Windows 98 SE, Windows ME, Windows 2000 and Windows 2000 SP3."

Filters in the tubes

[cerberusss]

I never understood the need for security analysts, patches and all that. Why can't they just install some sort of filter in the internet tubes and be done with it? Maybe a good time to write Senator Ted Stevens?

sliding scale

[macadamia_harold]

This patch is just another arrow in the quiver. These guys are some of the best-known reverse engineers and security researchers. It's a tight-knit group that has worked for years to make the Internet a safer place. This isn't a patch created by some guy in a basement.

Oh, so it's not a patch created by some guy in his basement. But what about some guy in his parents' basement?

Re:sliding scale

[truedfx]

What do you think the word "a" means?

Clogged..

[not-admin]

If we put filters on the tubes, they'll just clog up faster.
I don't know about you, but my e-mails don't travel that well when they're clogged..