After reading John Hogan's recent article "Microsoft smears lipstick on a pig," I found myself enraged that someone could be so pompous as to think that Microsoft should be held to some elitist
Mr. Hogan's comment about Microsoft chief executive Steve Ballmer "smearing lipstick on a pig" (a reference to Microsoft's new direction for patch management) is both disrespectful and out of touch. I wonder if Mr. Hogan has ever deployed a service pack or security patch, or if he's ever been paged in the middle of the night because of a network intrusion. If he has, I'm sure he would see that the changes Ballmer outlined at the Microsoft Worldwide Partner Conference are a welcome change to the corporate landscape.
Mr. Hogan refers to Microsoft as a "swine" and its recent efforts as lipstick smeared on for appearance's sake. Who is the real swine here, Mr. Hogan? Is it the company that spends millions of dollars each year to ensure that its customers receive timely patches to vulnerabilities in its software, or the hackers that take advantage of companies that don't have the patches applied? Microsoft is not the swine here, hackers are. It's time that we quit expecting perfection from Microsoft and sneering at its efforts to improve. Let's place blame where it squarely belongs: with the hackers!
I have personally seen great strides by Microsoft with its enhancements to Software Update Services (SUS) and the accompanying SUS for Systems Management Server (SMS) Feature Pack. I also look forward to Microsoft consolidating the installers, simplifying the installation process and extending patch automation to all their products. These are exciting changes for the typical SUS/SMS administrator tasked with the daunting responsibility of deploying service packs and hotfixes, as well as reporting their status.
Yes, I'd agree with Mr. Hogan that Client Shielding (a new term that encompasses several security-related changes in Windows XP Service Pack 2) and Enterprise Shielding (a feature of Windows Server 2003 Service Pack 1 that will disallow clients that do not meet corporate security standards) are stopgap measures. But, what Mr. Hogan doesn't seem to understand is that if you don't "stop the gap," the floodgates will eventually perish and the waters (hackers) will flow right in. If Mr. Hogan has any suggestions to accompany his insults, I'm sure that the entire industry would like to hear them.
Larry Duncan is a SearchWin2000.com editorial advisory board member and a consultant for Collective Technologies, an Austin, Texas-based technology service provider, where he is engaged in SMS and SUS assessments and deployments for Fortune 500 companies. You can reach him at: Editor@SearchWin2000.com.
FOR MORE INFORMATION: