How many vulnerabilities will we accept?

I'm inundated with security issues with numerous products. And, guess what? Most of them are non-Microsoft.

I subscribe to the RSS feed for security vulnerabilities. Every day I'm inundated with security issues...

with numerous products. And, guess what? Most of them are non-Microsoft. Most of them are open source software. And, the funny thing is that when they are issued, there is already a patch available.

What does that mean? Well, it means the vendor didn't disclose the issue until a patch was available. Is that a good thing? I guess that depends on your idea of a "good thing" is when you realize these vulnerabilities have been there for a while and the vendor didn't want to communicate it until they could figure out a way to fix it. So, does that mean most vendors can't figure out a way to fix their products for six to eight months? Apparently.

How long are we going to sit here and wait for open source application vendors to get it right? Of course, to me there is no open source -- it's still just the freeware of yesterday.


Rod Trent, manager of and a Microsoft MVP, is an expert on Microsoft Systems Management Server. He has more than 18 years of IT experience -- eight of which have been dedicated to SMS. He is the author of Microsoft SMS Installer, Admin911: SMS, and IIS 5.0: A Beginner's Guide and has written thousands of articles on technology topics. He can be reached at

This article first appeared in, the premier online destination for IT professionals responsible for managing their corporations' Microsoft Windows systems. The centerpiece of is a collection of member forums where IT professionals actively exchange technical tips, share their expertise and download utilities that help them better manage their Windows environments, specifically Microsoft Systems Management Server (SMS). It is part of the TechTarget network of industry specific IT Web sites. To register for the site and sign up for the daily newsletter, click here.

This was first published in May 2005

Dig Deeper on Microsoft Active Directory Tools and Troubleshooting



Find more PRO+ content and other member only offers, here.



Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: