MS Security Tool Finds Holes, Disgusts Users

by Bill Pena

Related link: http://www.wired.com/news/technology/0,1282,46272,00.html



Microsoft released Microsoft Personal Security Advisor (MPSA), a web-based tool that scans PCs for security holes, available patches, and insecure system settings, and reports problems and solutions to the user. Surprise! Experienced users who thought they were vigilant about security -- installing patches, checking security alerts, and using anti-virus software -- found themselves blown away by the results:


"Oh my god, I can't believe all these holes," said Terry Montono, a high school computer lab teacher. "I lecture my kids about keeping up with patches and I thought I was doing a good job of keeping my computer clean. But it's like there's a secret basement in Windows 2000 that's filled with huge cracks that will let people enter my computer."


I see this as a gargantuan chink in the .Net armor; how in the world will you make people entrust all their personal information to Microsoft, while revealing (by hook or by crook) the swiss-cheese security that plagues their web server, OS and web browser? Invasions of the Sircam and Code Red internet worms within Microsoft itself have proved MS to be unable to secure their own corporate servers, even after releasing patches that "fix" the exploits crackers use against them.


Yet again, a reason to use an Open Source OS.


4 Comments

johnmunsch
2001-08-28 13:39:13
There are a multitude of reasons to use an open source OS
But this is not one of them...


Unix systems have been subject to worms before and if Linux were to take over the desktops of everyone in the world tomorrow you would still have clueless people who would run unsafe email attachments. They would just run them on Linux instead of Windows.


This argument is better as an argument for why operating systems should have a way of automatically performing upgrades on a regular basis to block security holes _for_ users so they don't have to become security experts in order to be connected to the Internet.

neh123us@yahoo.com
2002-11-17 19:25:11
Anyone remember SATAN
Sounds very similiar to SATAN from a few years ago. http://www.cert.org/advisories/CA-1995-06.html
Whatever happened to it?
security tool
2006-08-24 23:25:01
to protect our privacy, we should own our security software!
security tool
2006-08-24 23:26:33
sorry, i have forgotten this:


http://www.shareware123.com/utility/security_encryption/index_26.htm