The Wall Street Journal reported last Friday that Microsoft has a special list of clients who receive security fixes before the general public. The only disclosed recipient thus far is the United States Air Force. The concern is that if anyone can intercept the update, analize it for the flaw being corrected, and beat the general release, then they have a gaping flaw that can be exploited on a major league level.
Let’s stop and think a minute. Microsoft updates software with patches every day. Not everyone goes for the latest update (indeed, how many users are still on Windows 98 as we speak in 2005?). Further, the updates are freely released. So the same risk exists with every update, just on a slightly smaller scale. If Microsoft didn’t pre-test the release — and they sometimes don’t install well — and instead sent that release to the general public to test, there would be hundreds of thousands of unhappy people when the install failed.
What major software maker wouldn’t want to release a beta or any update if they have the time to do it. Early reports were off-base (no pun intended) on this one, as this is probably a good thing. Read this later report to get a more objective view of the program and it’s value.
