Time to End Microsoft's Patch Tuesday?
buzzardsbay writes "TechTarget's resident security curmudgeon, Dennis Fisher, is calling for an end to Microsoft's monthly security patching cycle. Fisher points out that 'a hacker only needs one unpatched system, one little crack in the fence in order to launch a major attack on a given network. The sheer volume of the patches Microsoft releases each month makes it quite difficult for even the most conscientious IT department to get every patch out to all of the affected systems in a reasonable amount of time.'"
As long as you don't mind working nights. There's no way an enterprise is going to accept daily, business hours outages.
Now, as a non-user of Microsoft products and a victim of attacks by unpatched machines, some of them corporate, it's clear that the current strategy just shifts the costs off of the companies and onto me. If it just crashed their networks I couldn't care less. But it's more than that.
So I need to side with the proposal - the users need to improve their security. They can do this by having rolling patches from Microsoft or picking a more secure product to use. I don't care how they do it, but they need to stop expecting me to pay for their poor performance.
Why the hell should I change anything about how we do business to suit your wants or needs? If we are doing business without problems with somewhat hacked machines, but those hacked machines are bringing down your computers, why should we even care?
Please enlighten me why I should spend resources/effort on fixing your problem? I don't have a problem, you have the problem. You can't change my behavior, and I'm happy doing what I want. Why should I care if our company shits on you, and you can't do anything about it?
Answer: I won't change until a group slaps my company and forces me to change.