Home / Count the cost before buying Microsoft, says analyst firm

Count the cost before buying Microsoft, says analyst firm

Enterprises should bear in mind the constant cost of having to patch Microsoft products when they look at buying them, analyst firm Gartner claimed this month.

Enterprises should bear in mind the constant cost of having to patch Microsoft products when they look at buying them, analyst firm Gartner claimed this month.

In an advisory posted on its web site last week, Gartner slams Microsoft’s recent record on security. Microsoft last week acknowledged a critical security flaw in all versions of its Windows operating system. Like the flaw that enabled last year’s MSBlast attack, this vulnerability was discovered by an outside company and reported to Microsoft: “this shows the inadequacy of Microsoft’s highly publicised efforts to find vulnerabilities in its software,” Garter said.

The research firm is especially critical of security vulnerabilities in Windows Server 2003, the company’s most recent server OS. “Gartner has advised enterprises against using Windows Server 2003 in sensitive Internet-exposed applications before 2Q04. We may have to revise even this cautious position if Microsoft fails to commit publicly to extraordinary efforts to eliminate glaring holes in its operating systems,” the report said. “Enterprises should continue to heavily weight the cost of continually patching Microsoft products when deciding which operating system to purchase.”

Gartner believes that another MSBlast-style attack as a result of this most recent flaw is “almost inevitable” and is warning users to immediately apply the patch Microsoft has provided and install firewall solutions.

Microsoft has been criticised by other analyst firms for taking so long to come up with a patch for this recent flaw. It was notified by a security company about it in July last year, and has only just issued a patch for it.

Ironically, Gartner’s advisory was released on the same day that Microsoft announced that portions of the software code for Windows 200 and NT 4 had been illegally made available on the internet.

Follow us to get the most comprehensive technology news in UAE delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.