Menu
Microsoft patches include a surprise

Microsoft patches include a surprise

There was a little surprise buried in Microsoft's monthly security bulletins Tuesday. It turns out that Microsoft had quietly slipped out one of the February fixes, just days before its Jan. 30 Vista launch.

The fix was for a bug in Microsoft's Malware Protection Engine, used by products like Windows Defender, OneCare and Antigen to scan for malware. Microsoft had discovered that the engine could possibly be tricked into running unauthorized code if it scanned a specially crafted PDF file.

Nobody has actually launched such an attack, but since these products are always automatically scanning for malware in the background, the vulnerability could have led to some pretty nasty exploits.

Still, it's strange that Microsoft waited so long to notify its customers of the patch.

It's rare for Microsoft to release one of these out-of-cycle updates, but since they adopted their monthly patch process back in October 2003, they generally let people about them as soon as they're released.

Microsoft's Mark Griesi told me that they decided to send out the malware engine fix as soon as it was ready on January 26 and that this kind of quick fix is standard practice with most security software. But he said there was no particular reason why the company decided to wait until February 13 to tell people about it.

Microsoft just hasn't been in the position of having to patch its security software since rolling out the monthly patch process, he added. "It was one of those first-time situations: 'Should we say something now or should we just wait,'" he told me. "This time we decided to wait. We won't do it again."

From a PR perspective, it wasn't a bad move. Microsoft has touted Defender as one of the top three Vista security features. It wouldn't have been much fun to be talking about a major security flaw in the product just days before the Vista launch, would it?


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Featured

Slideshows

Meet the leading female front runners of the Kiwi channel

Meet the leading female front runners of the Kiwi channel

Reseller News honoured the leading female front runners of the New Zealand channel at the 2018 Women in ICT Awards (WIICTA) in Auckland. The awards honoured standout individuals across seven categories, spanning Entrepreneur; Innovation; Rising Star; Shining Star; Community; Technical and Achievement.

Meet the leading female front runners of the Kiwi channel
Meet the top performing customer-centric Microsoft channel partners

Meet the top performing customer-centric Microsoft channel partners

Microsoft honoured leading partners across the channel following a year of customer innovation and market growth in New Zealand. The 2018 Microsoft Partner Awards recognised excellence within the context of the end-user, spanning a host of emerging and established providers.

Meet the top performing customer-centric Microsoft channel partners
Reseller News launches new-look Awards at 2018 Judges’ Lunch

Reseller News launches new-look Awards at 2018 Judges’ Lunch

Introducing the Reseller News Innovation Awards, launched to the channel at the 2018 Judges’ Lunch in Auckland. With more than 70 judges now part of the voting panel, the new-look awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors.

Reseller News launches new-look Awards at 2018 Judges’ Lunch
Show Comments