Linux Today: Linux News On Internet Time.

CNET News.com: Microsoft criticized for lack of software security

May 06, 2000, 11:46 (7 Talkback[s])
(Other stories by Paul Festa, Joe Wilcox)

"Look at it this way: The "Love" bug isn't a bug after all. It's a feature. That's the wry analysis of security experts in the wake of the destructive global spread of the "I Love You" virus and its variants. They say the worm's lightning-fast spread is a perfect demonstration of Microsoft's powerful technologies working exactly as they were designed to operate."

"The fundamental problem, these experts say, is a market-driven impulse to include as much functionality as possible in applications at the expense of security. While all companies face the same pressures from customers, none are as famous as Microsoft for yielding to it. "At Microsoft, they always go for more functionality over security," said Gary McGraw, vice president of corporate technology at Reliable Software Technologies."

"The problem also goes back to Microsoft's corporate philosophy and how it designs products. The software maker's success stems partly from its ability to tightly tie applications to each other and to its flagship Windows operating system. ... But as Microsoft has increased the ties between applications and the operating system, particularly bundling Outlook with Office and hooking it to Internet Explorer, the company has created new security vulnerabilities, analysts say. "Microsoft has built in the ideal virus transmission mechanism into the operating system," said Gartner Group analyst John Pescatore."

Complete Story

Related Stories: