“Our products just aren’t engineered for security.”
Microsoft was trying to deflect the blame away from its highly insecure software and onto people who write the exploit/s to take advantage. With the help of the BBC, which it had corrupted, Microsoft proceeded to blaming computer users for Microsoft’s shoddy engineering that is even killing people. LinuxToday has a strong rebuttal:
And too stupid or dishonest to report Microsoft Windows as the defective disaster that it is. If it were any other type of product it would have banned from every country in the world long ago. The BBC reports the latest Windows Conficker worm outbreak in typical “oh no big deal” fashion, does not identify this as a Windows worm until several paragraphs into the article, quotes industry security vendors as though they were actually worth listening to and not useless weasels, and then blames end users:
“The worm is spreading through low security networks, memory sticks, and PCs without current security updates…
“”Microsoft did a good job of updating people’s home computers, but the virus continues to infect business who have ignored the patch update…
“”Of course, the real problem is that people haven’t patched their software,” he added.
Please excuse me while I go kick something. Of COURSE it’s the users’ fault. They’re still using this most expensive piece of defective crapware in the entire solar system. But its incurable defects are not their fault. (We need to give up the notion that such computer users can be rescued by Linux– we don’t WANT them using Linux. “It is impossible to make anything foolproof, because fools are ingenious”.)
IDG identified flaws in Windows’ update mechanism, but besides, it doesn’t really matter if Microsoft patched the flaw. Why was such a huge flaw there in the first place?
Windows Update Shows Its Quirky Side
While installing the updates, my firewall asked about allowing outbound access to a program running from the E disk, an external hard drive. This was the first time I’ve seen Windows Update stomp on anything outside of the C disk. The computer had other hard disk partitions with higher letters of the alphabet, so my guess is that it chose the E disk because it had the most available hard disk space.
White hat hackers have created a proof of concept demo illustrating how improved User Account Control (UAC) features in Windows 7 might be completely bypassed.