This article is REALLY slanted. The blame for the MS security fixes fall squarely on the shoulders of MS and almost no one else. If the coders who write ATM software took this guys advice, then older ATMs we be easy to hack since security was not so important back a few years ago.

It is true that not everyone was patching their systems. But the reason for this was horrible patches from MS. Patches that either did not work or even worse broke functionality. So yes you could say that some of fault of worms lays back on the sys admins. But that is only because of bad experiences before.

One of the largest problems with IIS and security is the fact that it HACKED into the OS. Any idiot with a college degree can tell you this is a bad way to go. It is amazing how long apache can run vs IIS based on this fact alone. IIS is a hog and they made a bad OS even worse by inner twining the whole thing.

Security is only a priority at MS because it had to be. MS only reacts. And the only reason they reacted in this case was the amount of people and the government.

If MS has so much cash in the bank perhaps they should come up off of it and actually pay someone to fix the security issues in their products.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/330/31988#31988