10 Reasons You Shouldn't Blame Microsoft for Windows Security Issues

News Analysis: Microsoft sometimes gets a raw deal when it comes to security. The software company is often targeted as the reason why security outbreaks occur. But it's not always Microsoft's fault. Here, eWEEK looks at why Microsoft gets a bad rap when it comes to Windows security.

Whenever it comes time to talk about Microsoft, the discussion almost always turns to the company's handling of security. Microsoft's critics say the software giant's programs fail to adequately protect users. They also contend that Microsoft takes far too long to update its software, which makes the trouble last longer. Admittedly, Microsoft's poor software design does sometimes cause major security issues. Windows has been inundated with attacks for years, and Internet Explorer has been a hotbed of malicious activity.
But that doesn't mean that Microsoft is always to blame. Quite the contrary, there are times when the software giant is totally innocent. In those moments, users might want to point their fingers at third-party software developers. They might also want to look in the mirror. Yes, when it comes to security, users and third-party developers are as much to blame as Microsoft.
Here's why:
1. Third-party holes
Third-party applications can cause major outbreaks on a Windows PC. Third-party programs don't always have adequate security protocols in place to ensure that data is kept safe. Worst of all, the apps aren't always updated as often as they should be. That's a problem. Malicious hackers are fully aware that some programs are easier to break into than others, so they attack the easier targets. And no matter what safeguards a user has in place, if a third-party program is wide open, it's trouble.

2. Out-of-date software
Sometimes, third-party applications are patched by a developer. There's just one problem: Users don't always update those programs. We've all been there. We're in the middle of something important and a program we've just opened asks us to update it. Rather than wait for the update and potentially be forced to restart the computer, we put it off for another time. That might seem like the best option in the moment, but it really isn't. If that update was a security fix, we're now putting ourselves at risk for an even longer amount of time than we should. If we don't update our third-party programs, there isn't much Microsoft can do to protect us.
3. Out-of-date antivirus and anti-spyware programs
Running antivirus and anti-spyware programs that aren't fully up-to-date is almost as useless as running nothing at all. As new issues crop up, security vendors are constantly updating their programs to keep user data secure. Unfortunately, those vendors can't force users to actually update their programs. So, a user who opts to wait is once again at risk of being affected by an issue that could be easily avoided with the help of a simple patch. Microsoft should have done a better job of making Windows resistant to viruses and spyware, but it also needs some help from users.
4. Users open attachments that they shouldn't
Microsoft shouldn't be blamed by a user who opened an attachment he or she shouldn't have. Unless a person is expecting an attached file from a known source, opening documents from within an e-mail program is never recommended. For years, malicious hackers have been using e-mail to take advantage of users who seemingly never learned that opening an e-mail attachment from an unknown sender is a bad idea. As much as security vendors and Microsoft have attempted to raise awareness of that issue, users just aren't listening. And when their computers are taken over, it's Microsoft, not themselves, that they blame.

Don Reisinger

Don Reisinger

Don Reisinger is a longtime freelance contributor to several technology and business publications. Over his career, Don has written about everything from geek-friendly gadgetry to issues of privacy...