In the animation cursor (ANI) holes with topic later, many security experts on Microsoft to release security patch manner questioned, and suggest Microsoft reconsider key level of the patch release a way.
Security experts NandMulchandani Determina in early last year found ANI vulnerabilities, and in December to Microsoft to report, but Microsoft has been no action, until the attack to take out a flood patches, and the results led to a number of problems.
He said: "the problem is, every time you want to wait until a super Tuesday to mend loopholes, this to the public at more favorable for Microsoft? Our advice is, once known high-risk loophole, try to advance action, don’t wait for super Tuesday to do that again."
Microsoft will have their views and practices, the security response team MikeReavy responded, said: "this (ANI holes) event handling and we treat all holes are the same. In the report have a report, we must wait until can reproduce problem, can take further action. We also want to shortcut, such as quality test, but this from the patch to users in a hurry to get the interest of the customer risk."
Specific to ANI problem, Microsoft in McAfee report against appears after just four days released security announcement, then given in critical condition and earlier released a patch, it got a lot of industry insiders recognition, but perhaps is to act too early, test not complete, security patches and other programs which a lot of conflict.
At Microsoft, it seems to deal with such events needs to do a lot of work, and repair the vulnerability is on the one hand, to ensure that no more problem also nots allow to ignore.