Why can't Microsoft just patch everything?
Nearly four years ago, Microsoft’s Bill Gates ate some humble pie and declared that they must do much better with their security issues and launched the Trustworthy Computing Initiative. One and a half years later, the company launches Windows 2003 Server with fewer vulnerabilities and extremely defensive default settings. Another year goes by and Microsoft releases Windows XP SP2 with many new enhanced security features. Almost 4 years after the launch of Trustworthy Computing, I found myself wondering why am I staying up till 4:00 AM to deliver an emergency set of instructions (Home and Enterprise) to my readers because Microsoft felt it unnecessary to patch a flaw six months ago that was originally low risk but mutated in to something extremely dangerous.
Full article: blogs.zdnet.com