More Bad News For Windows Users: Serious Flaws Found In Microsoft Apps

by , 11:00 AM EDT, October 20th, 2003

Still more problems for Microsoft: Yahoo! News is reporting that the Redmond software giant has issued advisories and patches for seven new flaws found in several Microsoft applications. This news does little to improve Microsoft's image, which has taken a beating of late due to a rash of flaws found in other applications and versions of the company's Windows operating system. From the Yahoo News article, Still More Flaws Uncovered by Microsoft:

Seven new software flaws have been revealed by Microsoft, which described five of the vulnerabilities as critical and offered patches for all of them. The alerts were part of the first in a monthly alert program announced by the company last week as it attempts to take a more proactive approach to security.

In Wednesday's advisory, Microsoft said the five most serious vulnerabilities include a flaw in its authenticode verification software and four buffer-overrun issues affecting Windows ActiveX code, Messenger Service, the company support center, and the ListBox and ComboBox applications.


"This is a reasonable approach, but it's very difficult for the patch releases to keep up with the launch of viruses," said Yankee Group analyst Eric Ogren. "And while it helps small and medium-size businesses and consumers, it doesn't do much for enterprise customers."

More to the point, Ogren told NewsFactor, is that Microsoft has no excuse for not fixing buffer-overflow problems in its software, since the technology to plug such holes is available from a number of vendors, including Cisco and Network Associates. "The company has the ability to take a leadership role in buffer-overflow protection and has not done so," he said.

Delivering patches in groups is not particularly useful, the analyst said, since it will take too long for the fixes to be implemented by users.

Get more information in the full article at Yahoo! News.

The Mac Observer Spin:

Many of you work with PCs that run Microsoft applications (as opposed to those of you who use PCs that run some version of Linux), so this news is important to you. For those of you who may be thinking about Switching to Macs or Linux, but are still undecided, this news may help tip the scales.

For those with OSes and applications that do not come from Microsoft, this news will once again validate the choice you've made.

One thought about all of this is that once Microsoft gets through discovering most, if not all, of the holes, and then patching its apps and OSes, it could presumably have a solid set of software. Windows users may even find that they can run their computers with UNIX-like reliability. Of course, by then Microsoft will have suffered through a mountain of bad press and perhaps a significant number of defections.

There is one thing that Big Redmond can count on that has helped it out of bad times before: The extremely short memories of its customers. People will bitch and moan about Microsoft while there is something to bitch about, but they seem to forget those problems when it comes time to buy new hardware and software, and then often fall right back into the same old position of bitching and moaning about Microsoft. Meanwhile, Microsoft has made its money and has moved on.

That, fortunately for Microsoft, is the way of things, which may be why Bill Gates and crew aren't losing any sleep over all of the bad press; they know that it will pass and that people forget.