S
till more problems for Microsoft: Yahoo! News is reporting that the Redmond software giant has issued advisories and patches for seven new flaws found in several Microsoft applications. This news does little to improve Microsoftis image, which has taken a beating of late due to a rash of flaws found in other applications and versions of the companyis Windows operating system. From the Yahoo News article, Still More Flaws Uncovered by Microsoft:
Seven new software flaws have been revealed by Microsoft, which described five of the vulnerabilities as critical and offered patches for all of them. The alerts were part of the first in a monthly alert program announced by the company last week as it attempts to take a more proactive approach to security.
In Wednesdayis advisory, Microsoft said the five most serious vulnerabilities include a flaw in its authenticode verification software and four buffer-overrun issues affecting Windows ActiveX code, Messenger Service, the company support center, and the ListBox and ComboBox applications.
…
"This is a reasonable approach, but itis very difficult for the patch releases to keep up with the launch of viruses," said Yankee Group analyst Eric Ogren. "And while it helps small and medium-size businesses and consumers, it doesnit do much for enterprise customers."
More to the point, Ogren told NewsFactor, is that Microsoft has no excuse for not fixing buffer-overflow problems in its software, since the technology to plug such holes is available from a number of vendors, including Cisco and Network Associates. "The company has the ability to take a leadership role in buffer-overflow protection and has not done so," he said.
Delivering patches in groups is not particularly useful, the analyst said, since it will take too long for the fixes to be implemented by users.
Get more information in the full article at Yahoo! News.