Server Attacks Stump Microsoft

After reading this article I find it more than a little funny that Microsoft is unable to tell why specific Windows 2000 systems are being hacked. They don't know whether an old vulnerability is being exploited, because they can't tell whether or not all the existing security patches have been installed.

Windows Security 292 This topic was started by ,


data/avatar/default/avatar06.webp

760 Posts
Location -
Joined 2001-11-10
After reading this article http://news.com.com/2100-1001-956647.html?tag=fd_top I find it more than a little funny that Microsoft is unable to tell why specific Windows 2000 systems are being hacked. They don't know whether an old vulnerability is being exploited, because they can't tell whether or not all the existing security patches have been installed. This makes me laugh. I've hated MS's security patch team ever since this whole hacking craze started. Microsoft needs to learn to use their own technology and utilize it consistently. Of course they can't tell what patches are installed. Some of them are in Windows Upate, Some in KB Articles, and some in the Microsoft Security advisor. Nobody can keep them all straight, but they aren't all in one place. Why in the hell don't they just stick with windows update? It's supposed to be a one stop windows update shop right? If they were utilizing windows update exclusively maybe they'd be able to tell whether all the patches were installed or not. Duh! They also need to do the same thing with office and visual studio too. They have facilities to autodetect the necessary patches so why in the hell do they keep releasing all these standalone .exe patches? I know it's easier for Admins when they're in .exe format, but if Windows Server products had an option to select what windows updates would be installed on all network clients that would eliminate that problem too. [if they don't have that already?]
Oh well we already know MS sucks and is bloated with bureacracy and can't get anything done in a timely manor.
Rant(us) End(us),
Christian Blackburn

Participate on our website and join the conversation

You have already an account on our website? Use the link below to login.
Login
Create a new user account. Registration is free and takes only a few seconds.
Register
This topic is archived. New comments cannot be posted and votes cannot be cast.

Responses to this topic


data/avatar/default/avatar16.webp

1615 Posts
Location -
Joined 2000-03-25
I like MS
I think they do a damn good job
Of course they are going to be most atacked, they are most used
obviously there are many things to keep track of and fix
I am sure that a problem like this will be followed with a good solotion
MS doesn't let it slide they fix stuff all the time and it makes the software taht we use better.
 
Obviously u use nt somewhat I mean you are at ntcompatable
give MS a break man
you catch a lot of crap when you are the best.

data/avatar/default/avatar06.webp

760 Posts
Location -
Joined 2001-11-10
OP
I worked at MS twice as a tester and no they don't fix that much stuff. Most of the bugs reported don't get fixed. MS goes hmm that'll piss off users, but it'll cost us X man hours to fix so screw 'em. So then MS gets a trillion support calls regarding issue XYZ that they could have just fixed and avoided. Although that doesn't bother MS either, because they charge a shitload for support calls which should be free or close to it. Furthermore it's compeltely idiotic to build a program with known bugs that'd be like continuing to build a new house when you already know the foundation has rotted.

data/avatar/default/avatar19.webp

3857 Posts
Location -
Joined 2000-03-29
You worked "at" MS or as a beta tester for MS products? I am a tester for IIS and SQL server, and I have received several updates when bugs are submitted and a fix is made. Many times issues are resolved in the beta newsgroups as well, and weren't necessarily bugs to begin with. I am curious as to your extent of work with them and what programs you worked with to form this opinion.

data/avatar/default/avatar36.webp

1207 Posts
Location -
Joined 2000-03-27
I am in full agreement with the above.
I have never failed to get full support on any MS product I've had the need to call their support about.
This has gone to the extent of actually having KB articles created after a problem I'd found was successfully fixed.
 
Oh well we already know MS sucks and is bloated with bureacracy and can't get anything done in a timely manor
 
Then I must be one of the few people who doesn't know this then.
A pretty bold statement "MS Sucks" for which my only assumption is that you are a Unix engineer or similar as most IT Managers, Systems Administrators I know and have worked with always look at the best solution for any given task - At least 50% of the time that would be a Microsoft product.
 
Most fixes for exploits and potential problems are relased by Microsoft within days.
Usually by the time the "exploit" is publically known there is already a fix available.

data/avatar/default/avatar16.webp

1615 Posts
Location -
Joined 2000-03-25
Quote:I worked at MS twice as a tester

NE1 can be a beta tester
that doesn't mean you are working for them
at best you are working with them

I am a beta tester and right now i am using .NET RC1 all over my network.
When problems are found the newsgroup is consulted and answers are given as it should be. So where is the damn problem.

MS also fixes lots of stuff that is like a potential issue.
I see new security hotfixes all the time that outline some really rediculous scenario that could almost never happen and hasn't yet happened but they have a fix for it. Does MS want to let it slide? NO. Do they want more support calls? NO. I can tell you this they did not get where they are by letting it slide. The best argument that you have against ms is that win 9x sucked and was buggy but that is old news.

data/avatar/default/avatar28.webp

95 Posts
Location -
Joined 2001-12-19
Hey! ...I must work for Mircosoft too! ...Cuz I used to work for the pen company Bic, and I'm quite sure they use Bic pens at Microsoft, so that must mean I work for them!!
 
Cool, now I got something else to impress the chics with!

data/avatar/default/avatar19.webp

3857 Posts
Location -
Joined 2000-03-29
What, your mad AD and DDNS skillz aren't hooking you up with da womenz at clubs?