The press has done a terrible job reporting on the Windows XP security vulnerability that turned up a few days ago. It was widely reported that any hacker with a modem could sit in a hut in Minsk and take over your computer, transmitting all your private files to credit reporting agencies, or something like that.
By this time, Microsoft-bashing is an old sport, although it’s still a favorite occupation of the press when other news is slow. The reporting of this hole was wrong in the general coverage and wrong in the details. A couple of things to remember:
The security hole has never been exploited in the real world. It can only be exploited under some specific circumstances which weren’t detailed in the press coverage.
The FBI is not an expert on technology-related security issues. It’s unclear why they felt compelled to jump into this one, although they might be trying to create the appearance of being knowledgeable so they can press forward with their ongoing attempts to compel use of their spyware.
Windows XP will install the patch that fixes the hole automatically.
In the same week that this vulnerability was announced, a security hole was discovered in Oracle software. Didn’t read as much about that one, did you? In fact, if you’ve been relying on the newspapers for technology news, you probably think that all operating systems are secure except Microsoft OS’s, and e-mail viruses only spread if you use Outlook, right? Wrong, wrong, wrong.
Here’s an article on the details of the hole and how the press coverage fell short.