Microsoft releases free anti-malware for Azure VMs Free anti-malware software is not hard to find: even reputable vendors offer product at the low, low, price of $0.00 for client devices/ Microsoft is now doing the same for servers – or at least for virtual machines in its Azure cloud with a new offering called (deep breath now) Microsoft Antimalware for Azure Cloud Services …
"It's secure because they provide free anti-malware for Windows VMs?"
No - because of the much lower vulnerability count for Windows Server than the SUSE or Red Hat VMs that would be the usual Azure Linux choice, and the more advanced security features. For instance you have proper constrained delegation of rights and no insecure kludges like SUDO are required, you have fully granular ACLs regardless of your choice of file system version, and many others.
This post has been deleted by its author
Look, us Windows admins happen to enjoy the point and click interface, and not having to learn too much more than the average user.
Patches once a month are a good thing, so we can always allocate a couple of days a month for the updates, during 9-5. Not only that, we will always have someone else to blame when things go wrong, (MS) and when a reboot or two is needed, it's not us who get called inadequate... because everyone expects that from Windows.
"how come the server isn't responding as well?" .. "huh? oh, Windows is acting up / indexing / updating / virus scanning / activating" .. "fking typical, if Bill Gates where here now, I'd ..."
We're in this job because the pay's not bad, not for the joy of computing or passion to be the best - it's good enough for the likes of us, so stop showing off because we don't care!!
"All our Windows Servers have no GUI installed."
All? As much as I'd like this for all of our Windows kit, how do you get on with those piles of legacy corporate apps that require a GUI to install and set up? In my experience Core doesn't seem to be an option for anything except a few core Microsoft services.
"Thank god in the FOSS world you do not need this shit ... if there is a flaw, it will be fixed before lunch, get the sources, recompile, done "
Yep just like that recent BASH hole - oh no, wait - that took like 3 extra fixes after sites were already being exploited. Maybe the DRUPAL one then? Oh no, wait - every box running it was to be considered hacked by seven hours after the patch was released! etc. etc. etc.
Not only do you usually have vastly more holes and updates than Windows with an Open Source stack, but you have a much longer average time to get fixes from a flaw being publically known (time at risk) too...
"Thank god in the FOSS world you do not need this shit ... if there is a flaw, it will be fixed before lunch, get the sources, recompile, done ... "
While that may be possible, most FOSS users can't or wouldn't do this, even for installed apps (how many fixed the Open SSL bug before a patch was released?)
If the bug is in the kernel, it's even less likely that there is someone on hand with the skills to fix it.
FOSS just means that sufficiently motivated and skilled hackers (and there are lots out there) have another way of researching security holes in software.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
