The Mashable blog has published a few articles on the online security flaws plaguing Microsoft’s Windows XP O/S. In Internet Explorer Gets Its Security Patch, and So Does Windows XP, Lance Ulanoff announced Microsoft’s intention to issue patches on Thursday, May 1, 2014, to fix the problems.
Numerous posts to other prominent blogs have debated the pros and cons of Microsoft’s decision to provide these fixes for a product (Windows XP), which, Microsoft has announced, has reached end of life.
In fact, there are very strong positives, as I see it, in Microsoft’s public announcements about this problem:
- In his post, Mr. Ulanoff claims Microsoft, itself, was the first authority to inform the public of the severity of these security holes, and to urge the public to stop using the products pending a fix
- Microsoft made an exception to its own policies for products reaching end of life, and provided the fix at no charge to anyone who still used Windows XP with “Automatic Update” set for the O/S and Internet Explorer Browser
If there is bad news, and someone has to announce it, better the culprit than anyone else. With this dictum in mind, I think Microsoft clearly took the right step with pt 1), above.
If a security hole is as dangerous as Microsoft claimed, and no less an authority than the U.S. Department of Homeland Security chooses to follow up with their own warning to the public, then the best strategy is to fix it, absorb any/all related costs related to developing and distributing the solution, and, hopefully, move beyond the issue. Per 2), Microsoft opted to follow this strategy, with, one would hope, positive results to come.
Better to assume the role of a “good citizen”, than to risk one’s reputation by trying to control costs, while rigidly adhering to a policy designed for normal circumstances, and not the kind of extraordinary conditions we found following the public revelation of the security holes.
In sum, I think Microsoft’s public posture through this event gets almost an 8 on a 10 point scale.
© IMB Enterprises, Inc. & Ira Michael Blonder, 2014 All Rights Reserved