Patching a broken Windows

Robert Lemos interviews Datarescue's senior software developer Ilfak Guilfanov, the creator of the unofficial patch for the flaw in the Windows Meta File format that saw tens of thousands of downloads prior to the official patch release by Microsoft. Guilfanov explains why he decided to issue a patch for the vulnerability, how he created the patch, and his thoughts on whether third-party patches are generally a good thing.

Considering the response and your own thoughts, would you ever write a patch again? Under what circumstances?

Guilfanov: While the response is much more favorable than I expected, I prefer not to have any reasons to write a hotfix. Not this time, neither in the future. In the ideal world the vulnerabilities do not exist, second to ideal is to have patches created by the vendor as soon as possible. Given the impossibility of the first option, let's strive for the second one. Patching a broken Windows

Linked by shanmuga Tuesday, 10th January 2006 3:13AM