Remember that patch that Microsoft recently issued to fix a security hole in the Explorer browser? The hole that could potentially enable an attacker to read files or run programs on a computer used to view the attacker’s Web site.
Well, since then Microsoft has issued yet another update alerting consumers that the patch used to fix the initial security problem could cause some users to be unable to ‘authenticate’ certain Web sites, such as subscription-based sites, or MSN e-mail.
Thankfully, this issue has now been resolved, and, to its credit, Microsoft has issued a ‘hotfix’ to correct it.
But I’m not all that impressed.
Are they taking the proverbial? If one shells out $1000 for a PC with Windows and Explorer, surely one shouldn’t be forced to look at the Microsoft Security site every single day of one’s life to ensure that the computer is either (a) still secure or (b) still useable?
Imagine that you had to check under the hood (bonnet) of your car to ensure that the engine was running before you went to work! How long would people put up with that?
And imagine the trouble and expense this patching nonsense is causing IT departments all over the world? So what should we do about it?
How about this? Taking a leaf out of the baseball boys’ books, users all over the world could take a ‘three patches and you’re out’ approach to Microsoft. If the company issues a third patch for ANY MORE of its software, we should send it a ‘Notice Of Extreme Incompetence’ that requires Microsoft to pay for any expenses incurred as the result of its inability to get things right the second time around.
More information on the hotfix, including details on how to obtain it, are available on the Microsoft Web site.
If you can get into it.