If you happen to be using both the Windows 7 and Windows 8 operating systems on your desktop computer, you might relate to the findings of two security researchers who found a sort of discrimination between the security fixes for those operating systems.
At the core of the matter is the absence of a security code in Windows 7, but is found in Windows 8. Now there are many who question Microsoft’s commitment to protecting the users of Windows 7 with the same dedication that it afford Windows 8 fans.
After more than a month since Microsoft ended support for Windows XP, Windows 7 user base grew from nearly 49 percent to 50 percent, while Windows 8 only holds nearly 13 percent of the market, though it had managed to gain more users from the previous market share of 11.30 percent, according to the statistical data.
It shows users who have begun to leave Windows XP are transitioning to Windows 7 instead of any of the Windows 8 versions. If the figure is to be taken into serious consideration, it would be unreasonable for Microsoft to leave those great deal of users unprotected with security patches.
Read also: China bans Windows 8 on government computers
Security researchers Moti Joseph and Marion Marschalek have found weak points in how Microsoft implemented the Security Development Lifecycle rules for secure programming practices, which began more than a decade ago.
The SDL also needs the Strsafe as an alternative for safety measures, which the researchers clarified are not patches. However, they are important in order to preempt possible attacks in the future, meaning they help security software to counter threats. By that token, the SDL is still vital to a computer’s security.
So it is quite surprising that updates being directed to Windows 8 with regards the SDL are not reaching Windows 7-based PCs. It transports us back to a certain point in the Windows XP and Vista era when Microsoft once introduced Address Space Layout Randomization updates to the latter but not to the former.
Then only a couple of weeks ago, Microsoft took to blog to shed light on why it released security updates for a credentials protection and management tool, which eliminated the plain-text password custom and intended to bolster fresh security features. It would have been much better if the Redmond giant also released every bit of necessary program updates for Windows 7 that it does for Windows 8.
The security community finds such a practice as being unfair on the part of Microsoft, which has the cardinal responsibility of keeping strong security infrastructure for its clients.