Author Information
Jasen Lawrence
Programming, Web Design
jasen@awsinternet.com
Jasen Lawrence joined the team in August of 2004 and is the resident coder and back-end backbone of AWS. Schooled at Juniata College in Pennsylvania and by many caffeinated hours o...
Microsoft Security Patch Rate Slows
January 12th, 2006, 1:41pm CST
We’ve all heard someone say it at some point: Microsoft is horrible about getting patches out in a timely fashion. But is it true? That’s what Brian Krebs from the Washington Post’s Security Fix set out to answer. The results were a bit startling. I expected Microsoft to be a little behind open source update speeds, but over the last few years, Microsoft has actually been getting slower; a lot slower.
Krebs’ study spans the last three years (2003 - 2005) of Microsoft critical security patches. Microsoft considers a patch "critical" if it fixes a security hole that attackers could use to break into and take control over vulnerable Windows computers. His study was very thorough and well documented, with detailed data about all of the security patches involved in the study.
Krebs reports that, “Over the past three years, Microsoft has actually taken longer to issue critical fixes when researchers waited to disclose their research until after the company issued a patch. In 2003, Microsoft took an average of three months to issue patches for problems reported to them. In 2004, that time frame shot up to 134.5 days, a number that remained virtually unchanged in 2005.”
The Microsoft team has a long way to go if it ever hopes to catch the open source community, which normally issues critical security patches inside of a month, many times in just days. I understand the delay in patches and fixes for an operating system. But “critical updates” are just what they say, critical; and I would hope that a patch could be made inside of 30 days, not in more than 4 months.
Perma-Link: http://www.awsinternet.com/articles/2006/Microsoft_Security_Patch_Rate_Slows.html
Related Links: • http://blogs.washingtonpost.com/securityfix/2006/01/a_timeline_of_m.html • http://www.microsoft.com • http://blogs.washingtonpost.com/securityfix/