20100212

Cleanliness is next to …

Given the problems with the latest batch of Microsoft updates, and KB977165 in particular, it’s been interesting following the development of comments across the Internet.

Confusion over which update was causing the issues was rampant at first, with suggestions that all the recent ones needed to be removed before the BSOD was avoided, but it was quickly resolved as the ‘guilty’ party was identified.  But there still remained the question about what was actually causing the blue screen.

An early idea was that the only systems suffering from blue screens were already infected with something, and it now appears possible that at least one underlying cause has been found.

However, my interest is in some of the associated comments regarding how this was missed pre-release – and this poses an important question.  Presumably Microsoft keeps their system as malware-free as they can.  Patches are tested in a known environment, and while they can be expected to take into account as many variables in terms of configuration and hardware as possible, is it fair to suggest that they should take into account all the possible malware infections as well?

Those that shout loudest are likely to be people with infected PCs, but surely it’s their own responsibility to keep the system clean, not Microsoft’s to test against an already corrupt setup.  In essence, my argument is that KB977165 is not the root of the problem; as usual, this is clearly the fault of IT Security in ensuring that no infections got into MS.  A case of “damned if you do, damned if you don’t”.
