Well patch Tuesday has been and gone and I see that Microsoft has been put in a difficult situation this month with XP security patches. The month before last they released a patch that, when installed on computers that were infected with the Alureon rootkit, caused the machines to endlessly crash. The dilemma they face is if people suffer a bad experience when applying security patches then they are less likely to apply future patches. A kind of damned if they patch and damned if they don’t.
A lot of people slate Microsoft for producing insecure operating systems but the bottom line is that the products are so huge it is almost impossible to prevent vulnerabilities. Think about the complexity of creating an OS that will run on hardware that is outside of your control. A one size fits all product, it is a tall order. Also if I had a pound for the number of times I have heard "if you buy a Mac you won't have these problems" I would be very rich and it shows how naive this viewpoint is. Macs don’t suffer as much because it doesn’t make the headlines as much due to the number of users. Microsoft has far higher market share so generates more attention when exploited and you have a much wider attack surface.
When XP was first launched it comprised of approximately 40 million lines of code, Vista was 50 million lines, which is a lot of room for unforeseen errors.
So in this round of security updates Microsoft has made smart patches. They will check the machine to determine if it has the Alureon rootkit and if it does it will not install the security update to prevent the machine from endlessly crashing. Whilst I understand this approach it defeats the object of patching in the first place.
I think the only solution to this problem is that if you want machines to be stable and to function correctly then don’t be lazy, secure it with decent products and patch it regularly. After all, a security patch is an admission by Microsoft of a problem and highlights where the problem is, if you don’t fix the problem by patching someone will invariably exploit it.