There has been plenty of talk these days about security. The increased use of computers and mobile devices to bank, shop and communicate with friends and family has also increased a user’s vulnerability to cybercriminals. Software updates and patches are critical to keep computers secure, but some companies are having trouble getting those patches released quickly.
Like many others, Apple recently had trouble with an exploited vulnerability, when cybercriminals were exploiting a flaw in Oracle’s java application environment. While Oracle was able to release an update for Window’s and Linux rather quickly, Apple (who handles their own Java updates) took months. There was much disappointment about the delayed response from Apple, and while many chalk this up to the fact that Apple was unprepared, as Mac’s had been virtually impenetrable for years, several others also cite regression testing as a major delay in releasing critical updates and patches. According to Sue Marquette Poremba of Security News Daily:
A quick fix isn’t always a good fix.
“Updating software reliably does not only mean fixing the problem,” (Wolfgang Kandek, chief technology officer at Redwood Shores) said, “but also testing whether the fix plays well with other modifications included in the code, plus making sure that it does not break any functions of the software.
Having a fix that works is important, but having the vulnerability on your computer affects how your system runs and who can control it. More often than not, the average computer user has no idea that a risk is there.
Read the full article at MSNBC.com >>>
Ask any of the 55,000+ testers at uTest and they can certainly tell you that bug fixes take time. To triage, locate and correct a bug is not an easy process by any means. And more importantly testing to make sure the fix is not going to break other existing features or open the application to additional vulnerabilities is critical.
We’d like to know how you feel about security updates. How long do you think security patches and updates should take?