> I wouldn't dare to mention Microsoft,
> security and my name at the same sentanse!

That would sound more intelligent if you spelled "sentence" properly. Somehow I suspect Microsoft Security doesn't want to be associated with you either, so it's at least it's a mutual thing.


> Imagine if someone right now discovers
> a remote exploitable vulnerability in IIS
> for example, forgets to notify microsoft
> for the vulnerability, and writes a worm.
> In metter of hours so many hosts will go
> down, that until the MCSE "professionals"
> figure what to do, most of them will be
> without a job.

Isn't that what happened to all those Linux servers when the "Slapper" worm came out? Microsoft, on the other hand, has a track record of having patched every major vulnerability prior to the release of any worm exploiting said vulnerability.


> The only thing that saved microsoft
> this time was the report of this vuln.

Yes, once again they maintained a perfect track record of fixing the vuln prior to release of the worm. You can say 'if' all day, but it's NEVER happened yet... not even once. Microsoft has always had the fix released prior to the exploit.


> Get a grip, then a life while youre at it.
> Write about something original, something
> the readers will benefit from.

I for one benefit from this just the way it was written, thx.


> We know microsoft's dirty tricks!

like what? paying $5mil to fund law enforcement initiatives?

-S

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/199/23889#23889