The InformationWeek -- Blogs
« Microsoft Tries To Skew Younger | InformationWeek Windows Weblog Home | Microsoft Adopts "Co-Opetition" With Borland »


Steve Ballmer Delivers On A Security Promise
Posted on Jun 9, 2005 at 10:17 AM by John Foley

When Microsoft CEO Steve Ballmer disclosed this week that several new tools for software patch management are now available, he was delivering on a two-year-old promise to relieve one of the most acute pain points for many IT departments. The drawn-out process of downloading, testing, and redistributing frequently issued Windows patches has been unduly difficult because Microsoft's own products for managing things were outdated. Ballmer and Microsoft chairman Bill Gates have staked their reputations on fixing the problem.

At Microsoft's TechEd 2005 conference in Orlando this week, Ballmer announced four key pieces of Microsoft's new-and-improved patch-management platform. Available immediately are Microsoft Update, a one-stop Web site where consumers and small-business employees can find software updates for a variety of Microsoft products, and Windows Server Update Services, add-on software to Windows Server 2003 that lets IT administrators automate patch distribution. By mid-July, Microsoft also plans to release an inventory tool for Systems Management Server 2003 that ties into both of those new products, and Microsoft Baseline Security Analyzer 2.0, which will help smaller businesses detect missing software updates and related concerns.

The background on Windows Server Update Services is worth remembering. Its predecessor was something called Software Update Services 1.0, which runs on Windows 2000 Server. (Notably, the new Windows Server Update Services is available only for Windows Server 2003, which means it can't be used by the many companies that aren't running Microsoft's latest server operating system.) Software Update Services was based on the same back-end technology that's been powering Microsoft's Windows Update Web site since 1998. (The new Microsoft Update site is a much-needed modernization of the Windows Update site.) In other words, the underlying technology in Microsoft's patch-management tools is from the Windows 98 era.

Back in the fall of 2003, when IT managers were up in arms over the escalating security vulnerabilities in Microsoft products, Ballmer made a big deal out of the company's plans to improve patch management. Customers and partners "have been pounding us, pounding us, pounding us, for better patch-automation solutions," the feisty CEO said in an October 2003 speech at Microsoft's Worldwide Partner Conference in New Orleans. At the time, the plan was to deliver Windows Server Update Services (originally dubbed Software Update Services 2.0, then later Windows Update Services) in the first half of 2004. Then it got bumped into the second half of '04, then delayed again to the first half of '05. (See my blog on the delays from July 2004.)

Finally, a year late, Windows Server Update Services is here. It will be interesting to see what kind of a difference it and Microsoft's other new patch technologies make in easing what's become a full-time job for too many system administrators. To its credit, Microsoft has already made other significant changes to its patch-distribution approach, including the move to a predictable once-a-month release schedule. A report by Microsoft partner Wipro Technologies comes to the conclusion that Windows PCs and servers are less expensive to patch than Linux machines. It was sponsored by Microsoft and audited by the Meta Group.

The real proof will come when IT departments begin to transition the resources they now devote to patch testing and distribution to higher-value tasks, and do so with the confidence they have more secure Windows infrastructures. If and when that day arrives, Ballmer and Gates will have delivered on their promises in a more important way.


This post falls under this topic(s):

Or read posts on these other topics:



COMMENTS




This is a public forum. CMP Media and its affiliates are not responsible for and do not control what is posted herein. CMP Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.

Community standards in the message center do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this forum becomes the property of CMP Media LLC and may be edited and republished in print or electronic format as outlined in CMP Media's Terms of Service.

Important Note: The Message Center is NOT intended for commercial messages or solicitations of business.
  1. First Firmware Update For The BlackBerry Storm Blows Into Town
  2. Alcatel-Lucent's Big Plans
  3. Get Ready For Some Big News From Nokia
  4. Twitter In Controversial Spotlight Amid Mumbai Attacks
  5. Google Round Up: Evil Layoffs, Chrome Speed Test, Street Views
  1. VMware Introduces Cloning In Virtual Desktops
  2. Employees Suing Sprint Over Commission Snafu
  3. Verizon's Former Hawaii, New England Operations Struggling
  4. Apple's Ban On iPod Sync Software Stymied By Wikileaks
  5. Joost IPTV Comes To iPhone, iPod Touch
  6. San Francisco Mayor Turns To YouTube For State Of The City Speech

 
 
  Ars Technica
Boing Boing
Channel 9 Forums
CRN Blogs
Dr.Dobb's Portal: Blogs
Engadget
Gizmodo
GrokLaw 		  Lifehacker
Schneier on Security
Slashdot
TechCrunch
Techdirt
Techmeme
Valleywag
  SEPTEMBER 2008
AUGUST 2008
JULY 2008
JUNE 2008
MAY 2008
APRIL 2008
MARCH 2008
FEBRUARY 2008 		  JANUARY 2008
DECEMBER 2007
NOVEMBER 2007
OCTOBER 2007
SEPTEMBER 2007
AUGUST 2007
JULY 2007
JUNE 2007