Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Stuart Fox (DSL AK) (StuartFdatacom.co.nz)
Date: Mon Apr 15 2002 - 16:47:39 CDT
> Sorry! ...but I HAVE to wholeheartedly disagree! Windows
> sys admin's are sorely left out in the cold, by Microsoft.
> Please refer to http://securityfocus.com/vulns/stats.shtml.
> ...and make sure to add up all the years listed. Microsoft
> is too busy creating the next version of Windows (and some
> would say this is so they don't have to address all the
> issues in the software), to do SERIOUS testing of their
> software against even some of the KNOWN vulnerabilities,
> until it's made public. ...very sad.
Yet if you review the same page for Redhat vulnerabilities, they don't seem
to be doing significantly better. Just goes to show statistics can be read
however you want to.
> And THIS is only one of four pages of "most" of the issues
> addressed in SP2 for Windows 2000 -
> 2 There are definitely some issues this addresses, that are
> not listed.
Yes, but most of those are called bugfixes. You claim above that "Microsoft
is too busy creating the next version of Windows (and some would say this is
so they don't have to address all the issues in the software), to do SERIOUS
testing of their software against even some of the KNOWN vulnerabilities,
until it's made public.", yet there are four pages of bugfixes in SP2.
Which is it - they don't have time to do serious testing, or they're
releasing too many fixes?