Hunter Strategies LLC logo

Microsoft News Tracker

What's more interesting than observing Microsoft?

April 11, 2007

Vista security honeymoon over

Posted by David Hunter at 11:03 AM ET.

Ryan Naraine comments at ZDNet about yesterday’s Patch Tuesday fixes from Microsoft:

The carefully crafted image of Windows Vista as the most secure operating system of all time is beginning to take a beating.

For the second time this month, Microsoft has shipped a security bulletin with patches for a “critical” Vista vulnerability that puts millions of users at risk of code execution attacks.

The first time was the out-of-band fix for the animated cursor flaw.

The update — MS07-021 — is one of five bulletins released in Microsoft’s scheduled batch of patches for April.

The remote code execution flaw that dinged Vista is an error in the way the Windows Client/Server Run-time Subsystem (CSRSS) process handles error messages. An attacker could exploit the vulnerability by constructing a specially crafted application that could potentially allow remote code execution.

In all, the MS07-021 update fixes three different CSRSS bugs, all affecting Vista.

In retrospect, the touting of Vista security was a poor marketing play because while Vista is better than Windows XP, there was never any chance that users (or Microsoft) were going to be freed of the security patching follies and that is all that really counts. Admittedly, there really wasn’t much else to say about Vista besides the improved security and the Aero “user experience” for those folks not sucked into Vista Home Basic and it was a pleasant dream while it lasted.

Filed under General Business, Marketing, Microsoft, OS - Client, Patch Tuesday, Security, Windows Vista

Related posts:


Comments are closed.

News Search:

Recent Posts:

Daily Digest Email:

Enter your Email

Powered by FeedBlitz


Full category list


Archive List

RSS Feed:

HunterStrat Links:


  • Powered by WordPress.