> Art Said:
>
> >>>Avoid Microsoft ANYTHING, if possible.<<<
>
> I DO NOT want to get into a pro/anti MS flame war here,
> but...
>
> In every case I know of regarding an MS vulnerability
> (there have admittedly been many), the sequence of events
> was as follows:
>
> 1.  A benevolent hacker or a security lab discovers a
> problem and alerts MS and the press.
> 2.  MS immediately investigates and posts either a patch
> or instructions on their update site or knowledge base -
> usually very quickly.  Subscribers to their security
> updates list receive an e-mail immediately.

        Sorry, no, that is certainly not the case all (or even most) of the time.
There have been many cases where people found an "issue", told Mickeysoft,
and nothing happened, no patch, no announcement. Only after the "issue"
started to cause problems did Mickeysoft START to do anything about it.

        While Mickeysoft HAS been better on this front, lately, they still have
much to learn. TTYL

--
http://www.piclist.com#nomail Going offline? Don't AutoReply us!
email listserv@mitvma.mit.edu with SET PICList DIGEST in the body