Category Archives: Y2.10K

Y2.01K, The Register, and Symantec

The Register’s Dan Goodin has had a go at Symantec over their Y2.01K update problem. Anyone would think that Symantec users had been unprotected since January 1st, which is nonsense: the kludge of misdating updates so as to circumvent the bug may not be elegant, but it gets the updates onto the machine, which is what matters, and has given the company the opportunity to do what any responsible security company would do: take the time needed to produce an effective, permanent fix, rather than flying into a panic.

Effective security software is complex code often produced under time pressures, and even security programmers are human: it would be miraculous if they never made mistakes. I have heard it suggested that even journalists get it wrong occasionally, but that’s probably just a malicious rumour. 😉

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

Also blogging at:
http://www.eset.com/threat-center/blog
http://smallbluegreenblog.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/
http://dharley.wordpress.com

Belated millennium bugs revisited.

In view of interest elsewhere, I revised and added some links at :
http://www.eset.com/threat-center/blog/2010/01/06/millennium-falcon-crash-burn-revisited

David Harley FBCS CITP CISSP
Chief Operations Officer, AVIEN
Director of Malware Intelligence, ESET

Also blogging at:
http://www.eset.com/threat-center/blog
http://smallbluegreenblog.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/
http://dharley.wordpress.com