I just spent the last 3 hours without power at work, which, given my profession, is extremely frustrating. I was unable to get anything accomplished, nor was I able to goof off with any great success. No gaming, no mindless surfing, no music, and I’m not reading anything yet, having finished my most recent book.
After the power came back up (and I finished powering up the network), I was greeted by seven, count them, seven security bulletins from Microsoft. This is getting silly. I was reading an article yesterday about Microsoft’s new patch strategy, in which Steve Ballmer was quoted as saying “We will now go to monthly patches — no more than monthly.” There seems to be two reasons for this, the first one being the reasonable idea of releasing patches on a regular schedule. The second reason is slightly more silly. They want to decrease the amount of time and patches administrators have to deal with. A worthwhile effort, indeed, but a poor solution. I would instead think they should concentrate on making their products more inherently secure, and the reduce the number of patches through increased security and reliability. This plan of monthly patches is just hiding the core problem: Microsoft does not design their products with security in mind.
So, what does all this mean? I’m not entirely sure. I do know that I and many other Windows administrators are fed up with the amount of time we spend managing patches on our network. I know that we would like to see a real solution from Microsoft on this issue. And I know that decreasing the patch release schedule is just a red herring.
0 Responses to “I wear my sunglasses at night”