Security Advisor

Windows 8 Patching Right on Schedule

Discovered vulnerabilities this early in the software's lifecycle should be neither shocking or unexpected.

How many times have you heard somebody say they are waiting for the first service pack to be released before updating to the current version of Windows?

We all know that while Microsoft does its best to perform as much testing as possible, you won't be able to find all the launch-day bugs until the final product in the hands of the public. That's why it's not surprise that a short three weeks after the launch of Windows 8, Microsoft's newest OS is receiving some security updates for four found flaws (find this month's Microsoft security update info here).

Logic should also tell you that just because the number has changed, that doesn't mean that the old, familiar Windows framework isn't holding up a new interface. So, if there's a new problem found in the Windows Kernel or Shell, you can bet that both your Windows 7 and Windows 8 machines will need an update.

"Much of [Windows 8's] core operating system is reused from version to version (even in new releases) and all software has its share of bugs," said Andrew Storms, nCircle's security director in a blog post. "These factors, plus the security researchers that love to find and report bugs in the latest versions of software, are why there are several bulletins for Windows 8."

Makes sense. I'm pretty sure there's not a lot of recognition and increased Web site traffic for your security firm for finding issues with Windows XP at this point. But to get your name attached to the discovery of a Windows 8 flaw? That's some good advertising for your firm's stash of products and services.

Judgments should not be jumped to based on the number of found vulnerabilities in Windows 8 in the first few months. It's all part of the growing process. However, a huge selling point Microsoft has been pushing in the OS upgrade was the fact that, thanks to a more self-contained and isolated sandbox environment, this is a more secure Windows that we have been used to. Judge the software by the number of real-world security incidents that hit the wild; not by the number of cracks patched before exploitations can be discovered.

Are you one of the early adopters that have theoretically paid Microsoft to stress test Windows 8? Let us know how secure you think the OS is. Or are you someone that typically waits until the first service pack before upgrading? Let us know your reasoning. All comments welcome at

About the Author

Chris Paoli is the site producer for and


  • Microsoft Deprecating Windows To Go

    Microsoft plans to put an end to its Windows To Go product in the near future, according to a Friday support article.

  • Microsoft Releases Hyper-V Server 2019 After Long Delay

    Acknowledging that the release took "way too long," Microsoft has made Hyper-V Server 2019 available for download from the Microsoft Evaluation Center page.

  • Forklift Container

    A Better Way To Upgrade Hyper-V Storage

    It's time again for Brien to perform a major storage upgrade on his Hyper-V hosts. But this time, he's taking a new approach.

  • RAMBleed Side-Channel Attack Method Disclosed by Researchers

    Academic researchers this week published information about another side-channel attack method, called "RAMBleed," that can expose information from memory chips, including encryption key information.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.