Even security experts can’t decide patch priorities
We call it Patch Tuesday, but by the time IT managers figure out how to ensure their Microsoft-based systems don’t crash, it’s probably a lot closer to Saturday.
When you get 14 fixes at a time, it’s got to be confusing, and researchers were divided on which of the “critical” fixes were the most critical (although the one about Windows Graphics Rendering Engine seems to be a contender).
I wonder if this might be a good time for Microsoft to consider adopting more of an open standards approach by using the latest version of the Common Vulnerability Scoring System (CVSS) rather than its own arcane coding system. Canada’s nCircle today said it would be making its products and services compliant with it. If more companies don’t do the same — particularly the big juggernauts like Microsoft — I can’t imagine Patch Tuesday getting any less painful.

