16 Quotes by Steve Manzuik

The potential is there. We haven't seen any exploitation, but it doesn't mean it can't be done.

There are some extremely smart hackers out there using and sharing the tools that find these vulnerabilities. When Microsoft takes a long time to issue fixes, it sets up a dangerous situation,

We've assigned it our 'High' rating, which means the vulnerability allows for code execution,

I don't buy the argument that they are aiding attackers. The attackers are already reverse-engineering the patches. They have the time and resources to find out where the flaw lies. The guy that feels the pain is the system administrator who is in the dark and who can't do his own reverse-engineering.

Overall, they have improved, there's no doubt about that. But unless they move faster on some of these high-impact vulnerabilities, we'll always deal with rogue researchers finding the same things,

I think September will be quiet. When we get the six, seven, eight or nine patches, it gets to be a bit more difficult.

Microsoft's customers depend on that information to figure out how to respond to Patch Tuesday. The reality is, system administrators will delay deploying a patch based on the details of the bulletin. When details aren't included, he won't install that patch. That is a big problem.

Users can protect themselves by not clicking on any links in e-mails from unrecognized sources and by generally paying attention to what Web sites they are visiting. Locking down a system and not using the administrator account at all times lowers the risk but does not mitigate the vulnerability.

As far as we know, this update does not address our issues.