Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Missing A Key Reason (Score 1) 256

All this reasoning misses a key point. If Microsoft releases patches on a very frequent basis, IT departments aren't necessarily going to patch their infrastructures (remember we're talking potentially about tens or even hundreds of thousands of nodes) with the same cadence. So in many cases those infrastructures are going to lag behind the current patch level.

But once a patch is made available, it provides an opportunity to reverse engineer the patch to determine what the defect was. This gives hackers the opportunity to devise attacks that leverage the vulnerability.

So you see what happens: if Microsoft releases too frequently it creates a large window of opportunity for infrastructures to remain unpatched and therefore vulnerable to exploits.

Microsoft chose a monthly release strategy as a balance between too often and not often enough. It's not perfect but the alternative is far less desirable.

Slashdot Top Deals

A debugged program is one for which you have not yet found the conditions that make it fail. -- Jerry Ogdin

Working...