Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Development
    • IT Management

    Fixing Security Flaws Isn’t Just Microsoft’s Responsibility

    By
    DON REISINGER
    -
    September 16, 2009
    Share
    Facebook
    Twitter
    Linkedin

      In the world of PC computing, it’s fashionable to beat on Microsoft for all the security issues that have plagued the space. Whether it’s Apple mocking Windows security in its “I’m a Mac, I’m a PC” ads or countless security experts performing research on all the issues facing Windows, at least some are pointing to Microsoft’s OS as the culprit behind all their security problems.

      It’s a common point of reference for those who love Macs. And it’s a “go-to” for those who want to blame the spyware breakout on someone other than themselves.
      But when it comes time to objectively evaluate the Windows ecosystem, a much different conclusion might find its way into the discourse. Although Microsoft is to blame for some of the Windows issues users are forced to deal with, a recent study has found that unpatched client-side apps might be providing gaping holes in Windows security that Microsoft can’t even control.
      According to a report from the SANS Institute, client-side software that users haven’t patched has become a major problem as security companies try to battle malicious hackers. That has led to “waves of attacks” hitting PCs and impacting everyone from consumers to major enterprises, the SANS Institute contends.
      “On average, major organizations take at least twice as long to patch client-side vulnerabilities as they take to patch operating system vulnerabilities,” SANS reported. “In other words, the highest-priority risk is getting less attention than the lower priority risk.”
      Assuming what the SANS Institute has found is indeed true, it’s not beyond the realm of reason to say Microsoft might not be the biggest problem in the Windows ecosystem. Granted, hackers are attacking Windows PCs because there are more of them and they are arguably easier to break into than PCs running other operating systems. But some of the culpability in security outbreaks must rest with users and IT managers who take far too long to patch their applications.
      Over the past few years, Microsoft has made focusing on security a key component in its strategy. More often than not, the company is patching potential issues before they arise. And when an outbreak slips through the cracks, Microsoft has generally done a fine job of addressing those issues before they get out of hand.

      Its Time to Share Responsibility for Security

      Companies aren’t following suit. Although many developers haven’t been as quick to patch issues as Microsoft, those using the applications haven’t been so quick to update their software when patches are released. As the SANS Institute pointed out, it takes “major enterprises twice as long” to finally update applications as it does to install operating system updates. And in the process, they’re becoming subject to problems that have an impact on their productivity.
      So while blaming Microsoft is the easy thing to do, perhaps it’s major enterprises and smaller companies that should be looking in the mirror. When security outbreaks occur or a developer releases a patch, it’s incumbent upon all companies to install those updates as soon as possible. As the SANS Institute found, that’s not happening right now.
      Microsoft still bears some blame
      But as much of a problem as it is that companies simply aren’t doing enough to ensure security in their operations, it’s important to remember that Microsoft is still at fault. Just because the SANS Institute found that Windows is being updated more frequently, it doesn’t necessarily mean that Microsoft is the bellwether for how companies should handle software security issues.
      Microsoft needs to do much more than it is right now. For years, the company’s operating system has been a target for malicious hackers. And those hackers have had a generally easy time infiltrating Windows PCs and wreaking havoc. Although it’s debatable just how secure Mac OS X is compared with the competition, Apple has built in several features, including sandboxing, that has helped it limit outbreaks. Microsoft needs to come up with solutions of its own.
      That said, Microsoft has been more upfront about security issues than it has been in the past. The company has significantly improved Windows XP’s security through Service Pack 3. Windows Vista was vastly improved with the release of Service Pack 1. Microsoft claims that Windows 7 will be its most secure operating system yet. We can all hope that that will be the case, but regardless of whether it is or not, one thing is certain: Multiple layers of security will be needed.
      So it seems that the security business is tough to gauge. Although Microsoft’s operating system isn’t the only reason for problems, it is a significant contributing factor. But it’s important for us all to realize that our own actions bear some of that burden, as well.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×