Microsoft: We won't update others' Windows apps
Missing a chance to make 'huge leap' in Windows security, argues expert
Computerworld - Microsoft on Tuesday slammed the door on updating third-party software via Windows Update in the upcoming Windows 8.
One security expert said the company was missing a big opportunity to improve the overall security of Windows PCs.
The new operating system will not update non-Microsoft software, said Farzana Rahman, the group program manager for Windows Update, in a blog post.
"The wide variety of delivery mechanisms, installation tools, and overall approaches to updates across the full breadth of applications makes it impossible to push all updates through [the Windows Update] mechanism," said Rahman. "As frustrating as this might be, it is also an important part of the ecosystem that we cannot just revisit for the installed base of software."
Rahman's statement was the clearest one ever made by Microsoft regarding the fact that it would not take other applications under its update wing.
Currently, the company offers customers updates to Windows drivers -- third-party files required to run the OS -- via Windows Update, and occasionally disables third-party ActiveX controls in Internet Explorer (IE) at vendors' requests. And that's how it's going to stay, Rahman said.
She did add that Microsoft feels its customers' pain.
"People clearly find the experience with multiple updaters on the system less than optimal, and we agree," Rahman said. "Each application updater gives you a different experience, you have to remember to go visit each updater to install updates, you never know when or how updaters will run and what they might do, and so on. People would like one updater for the entire system."
Yes, they would, said Wolfgang Kandek, chief technology officer for Qualys and an advocate for Microsoft's updating of other companies' Windows software.
"I understand the thinking," said Kandek of Microsoft's reasons for not pushing third-party updates, "but at the same time, it's a little disappointing. Microsoft could collect a huge amount of goodwill by doing this, and it would be a huge leap for security."
Kandek argued that although even Microsoft doesn't have the resources to validate every application's update, it could certainly focus on the most important vendors whose products need to be constantly updated. His examples: Adobe's Reader and Flash Player.
"I would argue that there are certain organizations, and Adobe is one of them, where [Microsoft taking on updating duties] would be possible," Kandek continued. "There are only a couple of [vendors] that they would need to address, and they're mature companies with well-tested updates."
Both Flash Player and Adobe Reader have been patched multiple times this year: Adobe has issued nine security updates for the Flash Player and five for the Reader so far in 2011.
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Preparing Your Infrastructure for the Hyperconvergence Era From cloud computing and virtualization to mobility and unified communications, an array of innovative technologies is transforming today's data centers.
- How WAN Optimization Helps Enterprises Reduce Costs If you wanted to break down innovation into a tidy equation, it might go something like this: Technology + Connectivity = Productivity. Productivity...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users? All Windows White Papers | Webcasts