● 05.20.13

●● Not Satire: Microsoft Wants to Show the World How Security is Done

Posted in Microsoft, Security, Standard at 9:13 am by Dr. Roy Schestowitz

Microsoft tries to paint itself as “fighting the bad guys”

Summary: Software security ‘standard’ to be led by the company which made insecurity an acceptable engineering practice?

According to this new report (criticised heavily in this LXer thread), Microsoft is trying to lead security standards as if Microsoft is the master of security. Oh! The vanity!

↺ this new report

↺ this LXer thread

“Previously, roughly half a decade ago, Microsoft fonts also enabled remote hijacking of one’s Windows-running PC.”Microsoft is not just bad at security but also at patching security flaws; many people, especially in businesses, won’t install updates from Microsoft without qualms because these tend to break the software every now and then, even weeks ago. As IDG put it: “The saga of botched patch MS13-036 takes new twists and turns — including a problem with Multiple Master fonts” (familiar story, not the first of this kind).

↺ weeks ago

Go on and wonder how poor modularity must be if a security patch can impact fonts. Previously, roughly half a decade ago, Microsoft fonts also enabled remote hijacking of one’s Windows-running PC. █

“Our products just aren’t engineered for security.”

–Brian Valentine, Microsoft executive

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.

Permalink Send this to a friend

Permalink

↺ Send this to a friend

----------

Techrights

➮ Sharing is caring. Content is available under CC-BY-SA.