Sunday, July 02, 2006

Security Garden Spotlight

The first Security Garden spotlight is on Microsoft MVP Susan Bradley's "The real misconception about WGA" in which she states:

"...what I really don't like about it is the fact that it breaks the trust of patching. It's not a security update... and it's certainly only critical of a patch to Microsoft.. and the fact that the first 'drop' of it was a beta that was not clearly communicated to those of us who got that WGA update just was one of those moments that as a customer of Microsoft you just want to say to someone, somewhere... what WERE you thinking?"
Absolutely! AU (Automatic Update) is *supposed* to be for critical updates. As Susan pointed out:

"To whomever was the Product Manager who gave the go-ahead to place this WGA update into the "critical" section, shame on you. Shame on you for approving a beta patch to be offered up as a critically needed patch. Shame on you for not informing folks appropriately. Shame on you for not providing appropriate support mechanisms."
I recommend you read the complete article, linked above. I did and agree completely that Microsoft's WGA Notification tool
"...made the job of those of us who urge people to patch just a little bit harder."
Bravo, Susan!

No comments: