The Perils of Third Party Patches

Nothing in life is truly free and that goes for those free, third party software patches.

Patches for recent Microsoft vulnerabilities from the Zeroday Emergency Response Team (ZERT) and Determina have added yet another dimension to the question of patch management: Should you wait for the vendor's patch, or take the freebie as a stopgap?

ZERT beat Microsoft to the punch with a free patch for the fast-spreading Internet Explorer VML bug last week, and Determina issued a free patch for the WebViewFolderIcon setSlice bug in Windows. But Microsoft and other vendors typically don't approve of, or endorse, third-party patches to their products. Dark Reading - Desktop Security - The Perils of Third-Party Patches - Security News Analysis

Linked by shanmuga Thursday, 5th October 2006 1:12AM