Microsoft: Third-Party Vendors Failing to Patch Flaws

Thursday Jul 29th 2010 by Kara Reeder

Fifty-five percent of the flaws reported by Microsoft to other vendors go unpatched.

A progress report issued by the Microsoft Vulnerability Research, or MSVR, program revealed that third-party developers only patched 45 percent of the vulnerabilities reported by Microsoft's security team during the 12 months from July 2009 to June 2010.

But as Computerworld notes, this is a marked improvement over the year-long stretch through June 2009, when developers patched a paltry 13 percent of the bugs Microsoft reported. Microsoft offered an explanation for the poor patching:

This is not entirely surprising -- in most cases the vulnerabilities ... have been low-level architecture issues that are not easy to resolve, and vendors require considerable time to develop an effective resolution and test it thoroughly.

Mobile Site | Full Site