It's an unpleasant fact: Programmers write buggy code. It's not their fault. Given the complexity of modern software development platforms, bugs are inevitable. What matters is that programmers acknowledge bugs when they arise and that they take steps to correct them before they can cause any harm.
Case in point: Internet Explorer. Microsoft's browser has long been recognized as a major vector for malware and other exploits, owing to its infamously permissive design and a seemingly endless string of security vulnerabilities. So when Microsoft released a critical security update to IE in mid-April, it should have been cause for celebration. Microsoft's developers were doing their jobs. Another security hole had been closed.
[ Roger A. Grimes is skeptical of iron-clad browser security in his blog post, "The curious case of the invulnerable Web browser" | Learn more about securing your systems with InfoWorld's Security Adviser blog and newsletter. ]
Except the update wasn't just another security patch. It was Internet Explorer 8 -- an entirely new, major-numbered version of the browser. Users who agreed to install it found that it took the place of their old version of IE. Users who didn't ... well, they would have to be brave enough to ignore a "critical security update." Decisions, decisions.
Setting a new standard with IE8
There's a strong argument to be made for what Microsoft did. Older versions of Web browsers are notoriously noncompliant with W3C standards; older versions of IE, doubly so. With IE8, Microsoft is in the unique position to twist every IE user's arm into installing the latest version, thereby creating a new de facto standard on the Windows platform. And IE8 is the most standards-compliant version to date. For Web developers, it could be a godsend.
This whitepaper explains the terminology and concepts behind Data Replication technologies and establishes some sizing rules through worked examples. Learn the new paradigm in disaster tolerance—protect data anywhere.
Download now »Download a free 30day trial and experience how XenDesktop delivers a pristine, ondemand desktop experience to users on whatever device they choose, while cutting IT complexity and costs.
Download now »
The emergence of WLANs has created a new breed of security threats to enterprise networks.
Included in HP ProCurve WLAN solutions is security technology that alleviates threats from WLANs through:
* Monitoring wireless activity inside and out of the enterprise
* Classifying WLAN transmissions into harmful and harmless
* Preventing transmissions that pose a security threat to the enterprise network
* Locating participating devices for physical remediation
And that is why I recommended Woody Leonhard's site. He does all the grudge work of sifting through the KB Articles and blog buzzes, and presents an executive summary which includes a five-point scale of when it is or is not safe to patch. Very simple and very useful.

Sign up to receive InfoWorld Resource Alerts

1 reply