Its possible its a ploy but remember it makes them look bad. Microsoft is facing so much bad press at the moment they can ill afford any more. This isn't the 90's anymore! They can't ship junk and get away with it anymore. Linux might not yet have made major headway but OSX has started. Some offices, particularly executives, and many normal people are moving onto alternate platforms. The youth are particularly pro OSX.

To a degree statements like this might push people to newer products but remember, Linux operates on the same principle. As a rule of thumb, newer is safer, faster and more feature rich. We upgrade all the time for security fixes. They are encouraging the exact same thing. The difference is that we don't pay for upgrades.

Good points. Linux doesn't have upgrade treadmill$ used to grind money out of customers, and it is always advisable to install security updates.

To speak to NickStone's point: For a LONG time Microsoft denied that versions previous to VISTA had any serious security problems, even though they shut down the website which chronicled Windows Exporer's security holes, some of which were years old, and the F***Microsoft site which exposed the hidden directories that held tracking info and files which was regularly uploaded to MS. That site described techniques to delete those sites and cripple the upload ability, but subsequent updates caused the hidden directories and files to be recreated at boot time if they weren't there. Microsoft went on to do much worse stuff.

BUT, when VISTA didn't take off like it was supposed to, MS begin a marketing campaign that compared XP's security to that of VISTA's. They couldn't compare it to any other OS because no other OS, including Linux at the time, was a serious market contender. Even at 8 to 10% each for OSX and Linux, MS still had to focus on the OS that had the Lion's share, XP. So they, in effect, admitted to all the holes in hopes of moving Win users from XP to VISTA. It didn't work, hence the need for Win7.

I know that Linux continues to develop new versions of packages but in all the years I have been using different Linux distributions I have never seen a single marketing campaign from any distribution advising its users to upgrade to the latest version because the previous version vulnerable to hackers or malware. Look at Ubuntu 10.04, support ended this year (for desktop edition) but no comments from Canonical telling users to upgrade.

That is the difference between Linux and Microsoft

Linux doesn't run an ad campaign because of how our package management works. It all works in the background so that user doesn't have really interact with it except for the occasional notification. Even larger upgrades are done out of sight. Windows on the other hand has package management for the core OS but even then, it doesn't so to a very limited extent.

While I agree that no campaigns are waged, every single time I log onto my server I get a notification of available updates and how many are security updates and the notification widget does the same on my desktop. I much prefer this direct but low-key approach rather than an email or other more intrusive style of notification.

Exactly. All software has bugs. Claims of who is "more secure" are nonsensical. Go have a trawl through Mitre's CVE list; everyone is buggy.

We don't pay for upgrades from one release to another because we don't pay for the operating system to begin with. Microsoft's model is different: you pay for the software, and you pay (a discounted price) for version upgrades. The vast majority of commercial software follows this pattern. Also, do remember: there is no charge for security updates from Microsoft. Other commercial vendors, not so nice (*choke* Oracle *choke*).

If that were really true, then why would Microsoft post a free Fix-It that provides a workaround until a proper patch can be created? How about a mitigation toolkit that further enhances many of the protections already present?

C'mon, guys, they're not entirely evil, you know.

IMO, they only remain un-evil enough to avoid prosecution. Honestly, it's not really their fault. Consumers willingness to accept status quo is the real evil.

Can't really argue with that...