Fresh after the article from security firm Sophos entitled “Sophos recommends Macs for security“, A member of Microsoft’s security team blasts Apple for not having a “security czar” and not communicating with users about security vulnerabilities.
By contrast, he points to Microsoft as a prime example of how to respond to threats, providing well-documented communications and prescriptive “how-to” guidance with alerts that are delivered through email, RSS and deployment tools.
This whole paragraph is absolutely laughable. Lets flash back for a second to Microsoft security bulletin 912840 and my rant regarding it. And now lets re-read that happy little Microsoft fud. Something doesn’t add up, does it?
If that isn’t enough to convince you, lets look at yet another reason why no software vendor should ever adopt Microsoft’s security practices. Two words; Patch Tuesday. Holy god is that a bad model. No matter how bad a vulnerability is, they will sit on the patch (leaving everyone exposed) till the next patch Tuesday. Just because its more convenient for admins.
I, as an admin, would much rather patch frequently, than sit on hands while blatantly exposed to a threat.
Once they work these things out, then (maybe) they can blast other software vendors. Until that time though, they should sit back, shut up and stop making themselves look foolish.