Microsoft Patches Up Its Patch Approach - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News

Microsoft Patches Up Its Patch Approach

The software vendor plans to reduce the number of patch installers it offers from eight to two by year's end.

Microsoft is reworking its software-patch management approach and plans to reduce eight patch installers to two by year's end.

The company is about to publish a road map for releasing software that helps IT departments fix Microsoft products to guard against hacker attacks, chief security strategist Scott Charney said during a speech and interview at Microsoft's TechEd conference in Dallas on Tuesday. By the end of the year, Microsoft plans to offer customers two patch installers—one for operating systems and one for applications—versus the eight that are available today. That could go down to one by the time Microsoft ships "Longhorn," the next version of its Windows desktop operating system, due in 2005. Difficulty managing installation technology for security patches has caused uptake to be too low, Charney said.

"Patch management was broken," he said. About 95% of hacker attacks occur against known vulnerabilities in software, Charney said. Patches issued by Microsoft have been too difficult to use and their quality has been too low, partly because internal competition among Microsoft developers to build better patch-management software caused too many to reach the market. "We were making it more difficult than it had to be." By the end of the year, he said, "you'll have one set of tools that can look across the whole Microsoft spectrum and tell you what you need."

Charney, the Justice Department's former cybercrime chief and a former principal at PricewaterhouseCoopers, joined Microsoft in April 2002 to work on computer security, privacy, and public-policy issues. He reports to Microsoft chief technical officer Craig Mundie.

The slowdown in IT spending and investment has let technology companies pay more attention to quality, testing, and security without market penalty, Charney said. "Internet time is dead," he said. But "as we continue to move to new technologies, the bad guys are going to follow us and innovate." In response, Microsoft has been encouraging more discussion about security technologies across its product groups, and it formed a patch-management working group.

In other security-related announcements, Microsoft said it plans to develop new security software with software vendor VeriSign Inc. and will offer new security certifications for systems administrators and engineers trained in Microsoft technology.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
2018 State of the Cloud
2018 State of the Cloud
Cloud adoption is growing, but how are organizations taking advantage of it? Interop ITX and InformationWeek surveyed technology decision-makers to find out, read this report to discover what they had to say!
Slideshows
9 Steps Toward Ethical AI
Cynthia Harvey, Freelance Journalist, InformationWeek,  5/15/2019
Commentary
How to Assess Digital Transformation Efforts
Lisa Morgan, Freelance Writer,  5/14/2019
Commentary
Is AutoML the Answer to the Data Science Skills Shortage?
Guest Commentary, Guest Commentary,  5/10/2019
Register for InformationWeek Newsletters
Video
Current Issue
A New World of IT Management in 2019
This IT Trend Report highlights how several years of developments in technology and business strategies have led to a subsequent wave of changes in the role of an IT organization, how CIOs and other IT leaders approach management, in addition to the jobs of many IT professionals up and down the org chart.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll