Security through Obscurity never works. Microsoft is blaming the world for their bad security focus. They would probably claim that they need to put non-secure products on the market to keep "innovating". This is a load of crap.

Instead of shushing vulnerabilities, how about hold Microsoft accountable for their lack of action? In the US, if a company is found to be pirating software, the head of the IS organization can be JAILED. Why not start arresting Microsoft executives every time a hole in their OS causes a major outage? It makes almost as much sense. And I promise that instead of having a secuirty RESPONSE team, Microsoft would have a security DETECTION team instead.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/281/8661#8661