Microsoft security is just fine
 
By Svetlozar Aleksiev,
Editor-In-Chief, Svetlozar Online
Friday, November 21, 2003; 2105 GMT (4:05 p.m. EST)

Summer 2003 was unusual for Microsoft. The software giant was heavily attacked over major security lapses by pretty much everybody -- researchers, journalists, and even big game corporate customers who decided to think twice before purchasing Microsoft technology. As an independent observer, however, I could only sadly conclude this picture of software cracks and flaws was highly distorted.

In mid-July, the company warned of a critical security hole in the Remote Procedure Call (RPC) service of Windows, which paved the way for the release of the MSBlast worm that crippled over 120,000 computer systems in a mere 24 hours. On August 20, three critical security vulnerabilities were patched in Internet Explorer and Windows, and then in the beginning of September, another batch of three major flaws was unveiled and fixed.

Come again?!... Did I just say 'fixed'? Can I really be so lonely in my logic to regard security updates as good news? In fact, patching holes in computer systems is extremely positive since in the vast majority of cases the product's maker engineers a fix before it is exploited with malicious intent.

In recent years, Microsoft adopted a stellar policy on patch releases. The giant reveals information on security issues in conjunction with the release of an appropriate update for all affected Windows versions, in all language distributions. The company works in tight collaboration with outside researchers and has also launched an internal program, the Trustworthy Computing Initiative, to identify problems in current products and prevent their transfer into future releases.

The distortion stems from Microsoft's ubiquity. Unlike other similar products, the omnipresent Microsoft software is scrutinized by thousands of enthusiasts and professionals, filliped by a host of wide-ranging motives. This flaw-hunting, for example, has turned into a critical business stimulus for network security companies such as Internet Security Systems Inc., which operates a military-style AlertCon scale of current threats. Symantec, the leader in the business, posted sharply higher revenues after a string of new worms and Microsoft software vulnerabilities spurred strong sales.

These trends, however, disturbingly demonstrate the lack of attention to other business-critical software. Linux, UNIX and Macintosh aren't necessarily less vulnerable, but the attention of those finding vulnerabilities keeps steering towards their ubiquitous challenger. In addition, the dispersed structure of open-source development is conducive to the lack of persistent and objective media attention to serious flaws in important components used by hundreds of thousands of major computer systems worldwide.

Microsoft's security ain't perfect, but the facts are clearly demonstrating the company is pursuing this path. What's frustrating is the self-serving unquestioning criticism that may one day deal a harsh blow to those preferring neglect over objectivity.


