Insightful analysis and commentary for the US and global equity investor
Contributors: Douglas McIntyre Jon C. Ogg

Previous Posts

Thursday, September 14, 2006

Symantec and McAfee Have Little to Fear from Microsoft

By William Trent, CFA of Stock Market Beat

Back in May the market was abuzz with the news that Microsoft had released a consumer antivirus program that would compete with those offered by Symantec and McAfee.
The launch marks Microsoft’sbiggest formal push into the PC security market yet, and pits the world’s largest software firm directly against security-software makers like Symantec Corp. (SYMC) and McAfee (MFE)….

Microsoft’s launch followed months of testing of the product, which it says offers an “all-in-one, automatic and self-updating PC care service” to help users of its dominant Windows operating system protect their data and easily maintain their computers.
Used to power over 90% of the world’s computers, Windows is often the target of malicious attacks like viruses and worms.

As we said at the time, the other way to protect Windows users from malicious threats would be to make the operating system more secure in the first place. We also said that Microsoft needed to get Vista done right, rather than just get it done, for much the same reason.

Now we get a progress report:
Microsoft Patches Same Explorer Hole for 3rd Time - Microsoft Informer - Blog - CIO
Among the security patches released by Microsoft Tuesday is an Internet Explorer fix that is now being distributed for the third time, due to problems that weren’t fixed on the patch’s first or second releases, the company has admitted.Last month, eEye Digital Security warned users that Microsoft’s August security update, MS06-042, had in fact introduced a new critical security bug. Microsoft responded with a “hotfix” repairing the problem.

The two companies also engaged in a war of words over eEye’s disclosure of the seriousness of the problem introduced by MS06-042. While Microsoft described the problem as relatively minor, involving browser crashes, eEye discovered that the hole could be exploited to run malicious code. Microsoft called this disclosure “irresponsible” and removed eEye from the flaw credits.

That wasn’t the end of the story, however: the “hotfix” of 24 August failed to completely fix the problem, eEye discovered. This week’s second update fixes the problems missed by the first re-release, Microsoft said
Symantec and McAfee have little to fear, it would seem. The author may hold a position in the securities discussed.

A current list of the author's holdings is available here.

Powered by Blogger