Right, Microsoft, no more new features to be added until the monthly patch count is down to single figures!
No pudding until you eat your dinner.
Microsoft on Tuesday released updates addressing 83 vulnerabilities in its software, which doesn't include the 13 flaws fixed in its Edge browser last week. That's up from 58 repairs made in December, 2020, a relatively light month by recent standards. Affected applications include: Microsoft Windows, Microsoft Edge (EdgeHTML …
This post has been deleted by its author
They're all publicly known now.
A major problem of scheduled bulk patch releases is that they give the adversary notice of a wide window of opportunity as most business don't leap up and patch on release day. Despite many patching policies saying " Critical - within 24 hours" that hardly ever happens - it's more typically a week to 10 days (sometimes much longer). So there's plenty of time to create and deploy a shotgun attack against the numerous sluggards.
I don't think it's fair to call business sluggards, when we've all experienced bad updates breaking things, and have to have at least a week of testing to make sure that we aren't going to have to rebuild all the computers in the company because of one borked update...
We're always told that there are "Bug Fixes" and within a month or two we get more "Bug Fixes" - so the current "Bug Fixes" are simply moving the bugs around. It just looks like each bug is patched but hardly ever tested thoroughly - no need to test the code? "Of course not sir, it complied without any errors so we can release an update tomorrow."
Biting the hand that feeds IT © 1998–2021