I saw a news story that noted Microsoft was preparing the “last set of patches for the decade”. I found the phrasing funny because this is clearly a function of time running out on the decade rather than Microsoft putting out better software or that all of the potential exploits had been exhausted.
Our CEO, John Prisco, wrote about the ecosystem that exists between Microsoft and the security vendors some time ago and this “circle of life” will continue for some time to come. And now Adobe has jumped in with their patch process, and one could pretty reasonable predict that Apple – yes, that perceived to be bug-free Apple – will follow eventually. The “circle of life” is roughly: MS releases operating systems and software, software has flaws, cyber criminals exploit flaws, people buy AV software.
It is an ecosystem that supports thousands of jobs Iincluding mine), yet costs companies and government agencies untold millions of dollars to support. I am not sure that there has been anything quite like this ecosystem in the history of business. Certainly there are corollaries in warfare (someone builds a new weapon that evades defenses, causing the other side to build new defenses) and medicine (viruses mutate to evade the drugs created to combat them).
And it shows no sign of abating, in spite of early claims that Windows 7 is far more secure and bug-free than any other Microsoft OS. The volume of attacks is growing geometrically and new exploits are discovered daily to feed the fire. Worms now exist for smartphones so the ecosystem will spread to handheld devices as well.
So it may be the last patch Tuesday of the decade (BTW, I remember this argument at Y2K: shouldn’t 2010 be the last year of the decade?) but a new year or decade will not slow down this odd ecosystem in which we are all engaged.
Click here to subscribe
