Microsoft Vows to Fix Patch Problems
A simpler system for fixing security flaws is coming, company says.
John Fontana, Network World
DALLAS -- Microsoft will whittle down its stable of patch management tools from eight to two by the end of the year, according to the software giant's chief security strategist.
During his keynote at Microsoft TechEd Tuesday, Scott Charney put it simply, "patch management is broken." Charney, who served as cybercrime chief at the Department of Justice for eight years, then vowed to repair the damage and ease the headache of patch management.
Patch management has become a problem for end users, not only because of the number of patches Microsoft issues, but also because of the number of different tools organizations have to deploy.
Two Tools
Microsoft has eight installer technologies available to users. Charney said that number would be reduced to two by the end of the year--one for the operating system and one for applications.
"We will eventually have one tool across the entire platform," said Charney. He added that the appearance of the tool would coincide with the release of the Longhorn operating system, which is expected in 2005.
"One or two tools would be manageable," says Velda Wooten, supervisor of the client support group for American National Insurance in Galveston, Texas. "With several different tools, the tools themselves become hard to manage." Wooten manages some 1,800 desktops and is currently working in-house to design her own tools to help with the patching process.
Others say cleaning up the tool glut will likely result in better-patched systems.
"One tool for the OS and one for applications probably means that more admins will do patch management," says Cary Shufelt, Windows network architect for Oregon State University. "It's about time Microsoft did this."
Problems Remain
But there are other hurdles to get over.
Charney admitted it would not be easy to fix the problems and there is a lot of work to be done. "But there will be improvements," he said.
When he joined Microsoft last April, Charney tapped every product team in the company to create a 30-person strong working group to repair the patch management problem.
"Now that we know the problems, we can fix them," he said. Those fixes will include enhancements to Software Update Services and Windows Update.
Charney spent the bulk of his keynote pushing Microsoft's Trustworthy Computing initiative, which Microsoft chief software architect Bill Gates kicked off early last year. Charney said the initiative must insure the protection of confidentiality, integrity, and availability of data.
Charney also announced that Microsoft and VeriSign would partner on several security initiatives based on the public key infrastructure included in Windows Server 2003, including auto enrollment of VeriSign certificates in PKI, and interoperability between certificates and mobile devices.
Microsoft also announced a new security certification program that will begin immediately for Microsoft Certified Systems Engineers and Microsoft Certified Systems Administrators.
- Sponsored Resource:Improve your network with the right mix of features, performance and pricing.
- Sponsored Resource:Growing your business requires the right tools. Dell's networking servers can help.
- Sponsored Resource:Thinking about a new Laptop? Lenovo has models to meet everyone's needs.
- Sponsored Resource:Twitter: A how-to guide for using Twitter as a business tool.
- Sponsored Resource:Smartphone security threats are on the rise. Is it time to safegaurd your device?
For more information about enterprise networking, go to NetworkWorld. Story copyright 2008 Network World Inc. All rights reserved.
Print 65% more pages than with refilled inks. Trust Original HP Inks. Hit Print Reliably.
Solve Tech Issues Fast
Microsoft Office Home and Student 2007
Featured APC Accessories For Your System
10% Off Entire Cart at Online Store
-
APC Back-UPS ES
Safeguards your equipment from damaging surges and spikes that travel along your utility & data lines.
- APC SurgeArrest Performance Highest level of protection for your professional computers, electronics and connected devices, as well as provides surge protection.
People who read this also read:
Best Prices on System Utilities
Dragon Naturally Speaking 10 StandardPrice: $55.97
Nuance DRAGON NATURALLYSPEAKING LEGAL 10 (A509A-X00-10.0)Price: $299.99
Parallels Desktop 4.0 for MacPrice: $59.99
Parallels Desktop (Full Product)Price: $11.96
VMware Fusion 2 (Full Product)Price: $44.05
Travel Remote Control for Dell Studio XPS 13 LaptopPrice: $23.99
- 2007 Microsoft Office Suites Comparison This paper compares and contrasts four suites of the 2007 Microsoft Office system: Microsoft Office Standard 2007, Microsoft Office Professional Plus 2007, Microsoft Office Enterprise 2007 and Microsoft Office Ultimate 2007. This paper is intended to help organizations understand the applications and capabilities offered, and to identify the suite that best fits their needs.
- Windows Vista Migration: The Business Proposition It's not so much a matter of "if" but "when" for most organizations regarding migration to Windows Vista. Laying the groundwork now for this migration can yield higher ROI than waiting until later. This Computerworld Technology Briefing explains it all.


