Microsoft Patches Up Its Patch Approach - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Microsoft Patches Up Its Patch Approach

The software vendor plans to reduce the number of patch installers it offers from eight to two by year's end.

Microsoft is reworking its software-patch management approach and plans to reduce eight patch installers to two by year's end.

The company is about to publish a road map for releasing software that helps IT departments fix Microsoft products to guard against hacker attacks, chief security strategist Scott Charney said during a speech and interview at Microsoft's TechEd conference in Dallas on Tuesday. By the end of the year, Microsoft plans to offer customers two patch installers—one for operating systems and one for applications—versus the eight that are available today. That could go down to one by the time Microsoft ships "Longhorn," the next version of its Windows desktop operating system, due in 2005. Difficulty managing installation technology for security patches has caused uptake to be too low, Charney said.

"Patch management was broken," he said. About 95% of hacker attacks occur against known vulnerabilities in software, Charney said. Patches issued by Microsoft have been too difficult to use and their quality has been too low, partly because internal competition among Microsoft developers to build better patch-management software caused too many to reach the market. "We were making it more difficult than it had to be." By the end of the year, he said, "you'll have one set of tools that can look across the whole Microsoft spectrum and tell you what you need."

Charney, the Justice Department's former cybercrime chief and a former principal at PricewaterhouseCoopers, joined Microsoft in April 2002 to work on computer security, privacy, and public-policy issues. He reports to Microsoft chief technical officer Craig Mundie.

The slowdown in IT spending and investment has let technology companies pay more attention to quality, testing, and security without market penalty, Charney said. "Internet time is dead," he said. But "as we continue to move to new technologies, the bad guys are going to follow us and innovate." In response, Microsoft has been encouraging more discussion about security technologies across its product groups, and it formed a patch-management working group.

In other security-related announcements, Microsoft said it plans to develop new security software with software vendor VeriSign Inc. and will offer new security certifications for systems administrators and engineers trained in Microsoft technology.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
2021 State of ITOps and SecOps Report
2021 State of ITOps and SecOps Report
This new report from InformationWeek explores what we've learned over the past year, critical trends around ITOps and SecOps, and where leaders are focusing their time and efforts to support a growing digital economy. Download it today!
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

10 Things Your Artificial Intelligence Initiative Needs to Succeed
Lisa Morgan, Freelance Writer,  4/20/2021
Tech Spending Climbs as Digital Business Initiatives Grow
Jessica Davis, Senior Editor, Enterprise Apps,  4/22/2021
Optimizing the CIO and CFO Relationship
Mary E. Shacklett, Technology commentator and President of Transworld Data,  4/13/2021
Register for InformationWeek Newsletters
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll