> These vulnerabilities are exploited by viruses and
> hackers, and these may cause damage to our computer
> systems, and may involve additional cost
>> Are not the hackers and virus-writers ultimately
liable, assuming they can be identified and caught ???
If there were no vulnerabilities to exploit, probably
there would not have been hackers and virus writers,
or they would pose a lesser threat...
> to protect ourselves against these threats, we have
to
> apply latest patches, use uptodate antiviruses.
>> In other words, good Systems Administration and
Network Security practices
No threats => no patches to apply => no antiviruses
to use !!!
(Of course this is a best case scenario and not a
realistic one)
> I was just wondering if Microsoft does not have a
part
> of responsibility in all this? After all we are
paying
> this company a fortune for OS and applications that
> contain vulnerabilities/bugs.
>> Of course they do. And by agreeing to the EULA,
you waive all liability. . .
Vendors put this clause to protect themselves, as
customers can;t we modify the EULA or make vendors
sign agreements that make them liable?
> Should we continue to pay Microsoft for its buggy
> software packages? Can we sue it for the damages
that
> it can potentially cause to our company (interms of
> cost, reputation, etc)?
>> 1. Feel free to migrate to Linux or any of the
*nixes. Your real problem is at the desktop: too many
users would freak at a KDE or GNOME desktop, and
without their buggy-but-familiar Word, Excel,
Powerpoint, and Outlook. . .
I agree, there is a serious lack of competitors, M$
is the king of the world!
>>Microsoft is offering a free utility, Software
Update Services (SUS) to
>>help you patch machines in your organization.
SUS I learned from this very list, deploys only OS
patches, IIS patches for example cannot be deployed...
>>Second, I have not seen any evidence that Microsoft
releases
>>statistically more patches than its competitors.
I'm not saying
>>Microsoft does not release a lot of patches such as
the montly patch for
>>Internet Explorer.
But Microsoft is the most used OS, and the
consequence of a vulnerablity being exploited is more
serious
>>Third, based on my initial comments, I think
Microsoft is taking some
>>responsibility to secure their code. If you
disagree, perhaps you
>>should switch to non-Microsoft software.
If I had serious alternatives, I would have done so
long ago!
__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
---------------------------------------------------------------------------
----------------------------------------------------------------------------
