Security Advisor

Windows 8 Patching Right on Schedule

Discovered vulnerabilities this early in the software's lifecycle should be neither shocking or unexpected.

How many times have you heard somebody say they are waiting for the first service pack to be released before updating to the current version of Windows?

We all know that while Microsoft does its best to perform as much testing as possible, you won't be able to find all the launch-day bugs until the final product in the hands of the public. That's why it's not surprise that a short three weeks after the launch of Windows 8, Microsoft's newest OS is receiving some security updates for four found flaws (find this month's Microsoft security update info here).

Logic should also tell you that just because the number has changed, that doesn't mean that the old, familiar Windows framework isn't holding up a new interface. So, if there's a new problem found in the Windows Kernel or Shell, you can bet that both your Windows 7 and Windows 8 machines will need an update.

"Much of [Windows 8's] core operating system is reused from version to version (even in new releases) and all software has its share of bugs," said Andrew Storms, nCircle's security director in a blog post. "These factors, plus the security researchers that love to find and report bugs in the latest versions of software, are why there are several bulletins for Windows 8."

Makes sense. I'm pretty sure there's not a lot of recognition and increased Web site traffic for your security firm for finding issues with Windows XP at this point. But to get your name attached to the discovery of a Windows 8 flaw? That's some good advertising for your firm's stash of products and services.

Judgments should not be jumped to based on the number of found vulnerabilities in Windows 8 in the first few months. It's all part of the growing process. However, a huge selling point Microsoft has been pushing in the OS upgrade was the fact that, thanks to a more self-contained and isolated sandbox environment, this is a more secure Windows that we have been used to. Judge the software by the number of real-world security incidents that hit the wild; not by the number of cracks patched before exploitations can be discovered.

Are you one of the early adopters that have theoretically paid Microsoft to stress test Windows 8? Let us know how secure you think the OS is. Or are you someone that typically waits until the first service pack before upgrading? Let us know your reasoning. All comments welcome at

About the Author

Chris Paoli is the site producer for and


  • Skype Room Systems Rebranded as 'Microsoft Teams Rooms'

    Microsoft on Wednesday announced the rebranding of its Skype Room Systems product line of partner-built videoconferencing and meeting room devices, which are now called "Microsoft Teams Rooms."

  • Intel's 'Cascade Lake' Datacenter Chips Tackle AI Inference

    Amid all the flash of this month's Consumer Electronics Show (CES), there was an unlikely datacenter announcement: Intel is now shipping its new Xeon Scalable CPU.

  • Azure DevOps Server 2019 Now at Release Candidate 2

    Microsoft released Azure DevOps Server 2019 Release Candidate 2 (RC2), according to a Tuesday announcement.

  • Cloud IT Infrastructure Spending Starting To Take the Lead

    IDC this month published findings on revenues from cloud IT infrastructure spending in the third quarter of 2018, based on server, storage and Ethernet switch sales.

comments powered by Disqus
Most   Popular

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.