Apparently its our fault that Windows has a continious string of security flaws that are getting compromised by virus’s, at least thats Micro$ofts take on it.
See, last week a high-level Microsoft manager named Jonathan Perera was making the it’s-your-fault-too pitch at the Infosecurity Europe conference in London. At exactly the same time, security companies were reporting a new round of attacks on Microsoft products, including IIS and Exchange Server, based on yet another Microsoft buffer overflow vulnerability.
Microsoft had issued a patch for that security hole just two weeks earlier. But the hole is in every version of Windows NT and XP Pro that has shipped since Windows NT 4.0 in 1996.
In other words, it took Microsoft almost eight years to find and fix this hole — a hole that exists only because of Microsoft product development policies that in another profession would be called malpractice.
We had 2 weeks to patch all our millions of Windows machines between the time when MicroSoft released the patch, and the advent of the virus…. and since that wasn’t enough time to test microsoft patches (which have several times in the past caused more problems then they have fixed.) many systems are now infected with Sasser or other exploits, and it’s apparently our fault.
Some times I find myself profoundly grateful that I run linux for nearly everything. :-)
If you haven’t run windows update in the last couple of weeks, now would be a good time.. and while your at it, run a virus scan to make sure your not one of the people spamming the internet with virus ladden emails.