News
News
1/11/2006
01:31 PM
Connect Directly
RSS
E-Mail
50%
50%

Microsoft Extends Exchange 5.0, 5.5 Support To Patch Critical Bug

Formalizing a change in its support policies Tuesday, the company broke with its past practice of not supplying patches after a product's put out to pasture.

Microsoft formalized a change in its support policies Tuesday as it broke with past practice of not supplying patches after a product's put out to pasture.

Previously, support for a product ended at the end of a calendar quarter: Dec. 31, March 31, June 30, Sept. 30. But those dates are just days before the second Tuesday of the month following, when the Redmond, Wash.-based developer regularly releases patches.

From now on, the company will instead wrap up support with the next monthly security update release cycle. Products that would have had support dropped as of Dec. 31, 2005, for example, were still covered in the Tuesday, Jan. 10, 2006, security updates.

"We changed the end of support dates to map to the monthly security update release cycle so our customers can take advantage of the latest security updates," said Ines Vargas, group manager for Microsoft's support lifecycle program, in a statement. "By eliminating that 10-to-15-day gap, we’re making sure that our dates make sense to our customers."

The change most impacts Exchange 5.0 and 5.5 users, who were to be cut off from all support -- including critical security updates -- as of the end of 2005, but who received a patch for a critical vulnerability Tuesday.

"This is a very good thing for our customers in terms of our Trustworthy Computing initiative," Vargas added.

It may have more to do with the severity of the vulnerability than with any Microsoft initiative.

"This bug has massive financial implications," claimed Mark Litchfield, co-founder and director of NGS Software, the U.K.-based security company credited with discovering the flaw. "If enterprises didn't patch yesterday, they'd better be patching today," he added.

The vulnerability affects older editions of Microsoft Exchange, from the now-obsolete 5.0 and 5.5 through Exchange 2000 Server. Microsoft Exchange Server 2003, however, is immune.

More information about the fixes for Exchange are available in Microsoft's MS06-003 security bulletin.

Comment  | 
Print  | 
More Insights
IT's Reputation: What the Data Says
IT's Reputation: What the Data Says
InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Must Reads Oct. 21, 2014
InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and trends on InformationWeek.com
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.