Full Disclosure mailing list archives

Microsoft product vs Microsoft patch

From: n3td3v <xploitable () gmail com>
Date: Thu, 24 Aug 2006 20:14:03 +0100

My request to security researchers:

I have for a long time now been under the theory that *some* Microsoft
patches once added together outweigh the actual file size of the
original Microsoft product.

Can someone gather *all* the security patches for each Microsoft product and
calculate the total weight of Microsoft security patches vs the original
size of the released Microsoft product.

I believe for their operating system and their web browser Microsoft patches
take up half or all the original size of the Microsoft product.

I don't have the resources to carry out this study on my own, and I know
some folks do have those resources to release such information to the
security community.

We need this information to be published professionally so its suitable for
media outlet consumption.

This kind of information should be available to the public at large, to push
public opinion towards installing a Linux distro, and educate the general
public further, the scale of Microsoft's failure at every level and frontier
over the years to release secure products.


My request to security vendors:

We're beginning to see the "Ubuntu" (Debian) Linux distro being most
appealing towards the general public right now due to its
Microsoft-like easy to install properties.

No one in a position of power would ever recommend Linux, like Symantec (for
example), because they make so much money out of Microsoft, but if they
really had everyones security interests in mind, they would be.

Symantec were only last week or so getting nervous that Windows Vista is
locking out security vendors from its kernal. Maybe if Symantec can't hack
into the new Windows Vista kernal, (and no longer can make enough money from
Microsoft) then perhaps, now is the time for Symantec to be stabbing
Microsoft in the neck and officially recommend a Linux distro as a security
solution each time a MS06-040 style flaw is released.

In a perfect situation, we need people in a position of credibility to
recommend Linux to Microsoft users! Ubuntu is a perfect Linux distro to
point them to.


My request to security researchers:

Contact me (on or off list) to help us get this research compiled and pushed
out.

n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Microsoft product vs Microsoft patch n3td3v (Aug 24)
- Re: Microsoft product vs Microsoft patch Valdis . Kletnieks (Aug 24)
  - Re: Microsoft product vs Microsoft patch John Dietz (Aug 25)
    - Re: Microsoft product vs Microsoft patch Valdis . Kletnieks (Aug 25)
    - Re: Microsoft product vs Microsoft patch n3td3v (Aug 25)
- <Possible follow-ups>
- Re: Microsoft product vs Microsoft patch Ajay Pal Singh Atwal (Aug 24)
  - Re: Microsoft product vs Microsoft patch Tonnerre Lombard (Aug 24)
- Re: Microsoft product vs Microsoft patch Mike M (Aug 25)