The launch marks Microsoft’sbiggest formal push into the PC security market yet, and pits the world’s largest software firm directly against security-software makers like Symantec Corp. and McAfee…
Microsoft’s launch followed months of testing of the product, which it says offers an “all-in-one, automatic and self-updating PC care service” to help users of its dominant Windows operating system protect their data and easily maintain their computers.
Used to power over 90% of the world’s computers, Windows is often the target of malicious attacks like viruses and worms.
As we said at the time, the other way to protect Windows users from malicious threats would be to make the operating system more secure in the first place. We also said that Microsoft needed to get Vista done right, rather than just get it done, for much the same reason.
Now we get a progress report:
Among the security patches released by Microsoft Tuesday is an Internet Explorer fix that is now being distributed for the third time, due to problems that weren’t fixed on the patch’s first or second releases, the company has admitted. Last month, eEye Digital Security warned users that Microsoft’s August security update, MS06-042, had in fact introduced a new critical security bug. Microsoft responded with a “hotfix” repairing the problem.
The two companies also engaged in a war of words over eEye’s disclosure of the seriousness of the problem introduced by MS06-042. While Microsoft described the problem as relatively minor, involving browser crashes, eEye discovered that the hole could be exploited to run malicious code. Microsoft called this disclosure “irresponsible” and removed eEye from the flaw credits.
That wasn’t the end of the story, however: The “hotfix” of 24 August failed to completely fix the problem, eEye discovered. This week’s second update fixes the problems missed by the first re-release, Microsoft said.
Symantec and McAfee have little to fear, it would seem.
MSFT-SYMC-MFE 1-yr comparison chart: