
The potential dangers of Microsoft's secret patches - J3L2404
http://arstechnica.com/microsoft/news/2010/05/the-potential-dangers-of-microsofts-secret-patches.ars
======
rbanffy
It's interesting how one has to take on good faith the description of a patch
provided by a closed-source software provider.

What if Oracle, SAP, Microsoft, IBM release a patch with a misleading
description that induces a costly error? Are they liable for any damage a
wrong patch description causes? If they mislabel a patch that takes down your
servers for a couple hours (say, one that changes the underlying file format
of some big and important tree) as extremely critical, causing undue downtime
during peak hours, are they liable for that?

