--------------------PART 2 OF 2
 
 The patches that aren't downloaded: Windows is
 better than most operating systems at easing
 the drudgery of staying on top of patches and
 bug fixes, since it can automatically download
 them. A PC kept current with Microsoft's
 security updates would have survived this week
 unscathed.
 
 But hundreds of thousands, if not millions, of
 Windows systems still got Blasted, even though
 the patch to stop this worm was released weeks
 ago.
 
 Part of this is users' fault. "Critical
 updates" are called that for a reason, and
 it's foolish to ignore them. (The same goes
 for not installing and updating anti-virus
 software.)
 
 The chance of a patch wrecking Windows is
 dwarfed by the odds that an unpatched PC will
 get hit. And for those saying they don't trust
 Microsoft to fix their systems, I have one
 question: If you don't trust this company, why
 did you give it your money?
 
 Microsoft, however, must share blame, too.
 Windows XP's pop-up invitations to use Windows
 Update must compete for attention with all of
 XP's other, less important nags -- get a
 Passport account, take a tour of XP, hide
 unused desktop icons, blah, blah, blah.
 
 Microsoft's critical updates also are absent
 from retail copies of Windows XP, forcing
 buyers into lengthy Windows Update sessions to
 get the fixes since last year's Service Pack 1
 upgrade. At least the version of XP provided
 to PC manufacturers is refreshed once a
 quarter or so -- and Microsoft says it's
 working to shorten this lag.
 
 The lack of any limit to damage: Windows XP,
 by default, provides unrestricted,
 "administrator" access to a computer. This
 sounds like a good thing but is not, because
 any program, worms and viruses included, also
 has unrestricted access.
 
 Yet administrator mode is the only realistic
 choice: XP Home's "limited account," the only
 other option, doesn't even let you adjust a
 PC's clock.
 
 Mac OS X and Linux get this right: Users get
 broad rights, but critical system tasks
 require entering a password. If, for instance,
 a virus wants to install a "backdoor" for
 further intrusions, you'll have to authorize
 it. This fail-safe isn't immune to user
 gullibility and still allows the total loss or
 theft of your data, but it beats Windows'
 anything-goes approach.
 
 Because Microsoft blew off security concerns
 for so long, millions of PCs remain unpatched,
 ready for the next Windows-transmitted
 disease.  Microsoft needs to do more than
 order up another round of "Protect Your PC" ads.
 
 Here's a modest proposal: Microsoft should use
 some of its $49 billion hoard to mail an
 update CD to anybody who wants one. At $3 a
 pop (a liberal estimate), it could ship a disc
 to every human being on Earth -- and still
 have $30 billion in the bank.
 
 2003 The Washington Post Company
 
 

--- Maximus/2 3.01