Summary: Microsoft claims to have just addressed 34 vulnerabilities, but Microsoft also admitted that it secretly patches vulnerabilities without ever disclosing them
THE mainstream media enthusiastically repeats claims from Microsoft itself, rather than rely on an independent audit of Microsoft’s code before and after patching. We keep finding headlines like “Record Patch Tuesday yields critical Windows, IE fixes” or “Microsoft Issues Biggest Security Patch Yet”, but Microsoft has already admitted lying about the numbers.
The massive patch is the largest since October, 2009, when Microsoft issued 13 security bulletins covering 34 vulnerabilities.
This neglects the fact about Microsoft’s silent patching, not to mention lateness as we illustrated yesterday. To recap, a Microsoft manager has admitted that Microsoft has is fixing flaws without ever disclosing it (we have also seen evidence of this for years) and some critical flaws are hidden rather than addressed by Microsoft. █