Microsoft is only telling consumers what they want to hear and is doing next to nothing to help enterprise when it comes to security, according to TruSecure chief scientist, Russ Cooper.
In Australia to speak at the IT security conference, AusCERT 2004, held last week on the Gold Coast, Cooper came out swinging following his presentation on the situation people are facing in a Microsoft-driven patchomania world.
“Patching is really something you should find a way not to do,” Cooper said. “Patching doesn’t serve the purpose it’s supposed to, it doesn’t necessarily protect you.”
A simple enough message, yet one that has seen Cooper become the scourge of Microsoft.
Cooper recently released research a survey on the Sasser worm that suggested people who spent any amount of time patching were more likely to find their machines became infected than people who used other methods and did not patch.
He claimed he analysed 298 Microsoft bulletins and came up with 452 unique vulnerabilities.
Microsoft disputed Cooper’s findings but refused to comment further.
Cooper claimed Microsoft might not have done the same analysis on their own information as he had done.
“Everything I presented [at AUScert] was based on data which comes from Microsoft security bulletins."
Cooper said there was no guaranteed patch solution available.
“Anything shy of 100 per cent patching is very ineffective," he said. "People end up thinking they can rely on patching as a way of keeping themselves secure. They get infected if they’re not 100 per cent patched.
“A real solution is to use a strategic rather than a software solution. Everybody loves the idea that I just apply a patch and the problem goes away, unfortunately reality says that’s not how it works."
Cooper said Microsoft was pushing patching because it needed to get the message through to consumers.
For more on this story, see ARN this week