Security News > 2003 > February > Re: Experts: Microsoft security gets an 'F'
Forwarded from: Mark Bernard Dear Associates, Actually this statement may not be far from the truth, however it needs to be quantified. Typically within the information security program framework we measure the success of any program by the reduction in the number of incidents of a specific targeted group. The question should be, has the number of occurrences of this particular type of incident been reduced overall? If the group making the statement has measured the success of the Microsoft's initiative against how many systems were actually infected they may be using the wrong set of quantifiable criteria, thus their statement would be unjustified. A typical program takes three years to mature and will need to be tweaked a couple times before it hit 100% of the target. I should also qualify my statement, I am in no way a Microsoft supporter. I truly believe that when a group dominates a market place such as Microsoft has, the market in question becomes unhealthy. However, that's good for information security professionals. More balance is necessary. Happy hunting! Mark. ----- Original Message ----- From: "InfoSec News" To: Sent: Monday, February 03, 2003 2:24 AM Subject: [ISN] Experts: Microsoft security gets an 'F'
News URL
http://www.cnn.com/2003/TECH/biztech/02/01/microsoft.security.reut/
Related news
- Microsoft patches scary wormable hijack-my-box-via-IPv6 security bug and others (source)
- Microsoft patches scary wormable hijack-my-box-via-IPv6 security bug and others (source)
- Microsoft disables BitLocker security fix, advises manual mitigation (source)
- Microsoft security tools questioned for treating employees as threats (source)
- Microsoft hosts a security summit but no press, public allowed (source)
- Microsoft Is Disabling Default ActiveX Controls in Office 2024 to Improve Security (source)
- Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes (source)