Microsoft Defends Effort to Patch Flaw
IT execs, researchers split over pace of work on ANI fix
Hugh McArthur, director of information systems security at Online Resources Corp. in Chantilly, Va., said that in general, Microsoft’s 100-day turnaround time for patching the so-called ANI vulnerability doesn’t seem all that unusual.
It wasn’t as if the software vendor was “just sitting back and doing nothing,” McArthur said. “My take is that Microsoft was hoping they could get the fix written and tested prior to an exploit being written. In this case, they didn’t make it.”
Despite all the hoopla, the vulnerability “ultimately wasn’t a big issue” for Online Resources, McArthur said. But he added that the online bill-processing company treated the threat “very seriously” and made sure that its antivirus software was up to date and that its monitoring tools were configured to detect any exploit attempts on its systems.
1 comments:
i'll blow your "horn"
Post a Comment