Microsoft distributes free CDs in Japan to patch Windows

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Mon Aug 25 14:00:24 UTC 2003


On Mon, 25 Aug 2003 08:35:43 CDT, Jack Bates <jbates at brightok.net>  said:

> Which is why Microsoft should issue a software equivalent of a recall.
> Systems shouldn't be sold vulnerable without at least a patch CD.

The problem is that you need to look at the sum of (lead time) + (time patch CD
spent on shelf).  Given a lead time of 4-6 weeks, and sitting on the shelf for
2-3 weeks... and suddenly you're looking at a 2 month old patch CD.

Now take a look at the last few years' Microsoft advisories, and ask yourself:
What percent of the time was the *last* remote-exploitable major hole more than
2 months old?

And getting the lead time down to 4-6 weeks would be a challenge - remember you
have to *ship* the re-mastered patch CD to every retailer and get it on the
shelves.  That's going to hit your bottom line.  And keep in mind that
Microsoft doesn't have to answer to its customers, it has to answer to its
shareholders. As long as security problems don't affect its bottom line, we're
not going to see any change at all.
