Another MS Security Nightmare

In a recent article, it was discovered that the way Microsoft installs applications in Windows makes those applications relatively easy to hack.  While it is amusing (terrifying?) that yet another massive security hole in Microsoft has been revealed, we take more issue with Microsoft’s response.  They are trying to say that the massive glaring hole is not a security issue but, rather, a configuration issue.

As if there is a difference.

Configuring The Truth

Take a look at the list of vulnerabilities out there and you will see that a vast majority of security vulnerabilities result from misconfiguration.  Malware spreads through improper network configuration.  IoT hacks occur through improper device configurations that leave vulnerable transmissions open.

So why, then, do companies persist in separating configuration from security.

The Lack Of Actionability

The truth is that almost every security software on the market is a point-and-pray glorified reporting system.  They work to the degree that they are successful because they are nested in an ecosystem of other products that take in those reports and take actions.  For example, a SIEM might report some random open port and a firewall vendor will read that report and take an action.

This is a decent IT approach but it leaves OT (Operational Technology) world out in the wind – unable to control configurations which underlie almost every modern hack.  By the way, there is no ecosystem in the IoT and nothing on the market scales.

Any wonder why cybersecurity is so ineffective these days?