Microsoft To Broaden Security-Patch Software - InformationWeek
04:51 PM

Microsoft To Broaden Security-Patch Software

The company says data security is by far its most important area of investment.

In a move to quiet customer complaints about the difficulty of securing its software against cyberattacks, Microsoft on Tuesday said it plans to release technology this year for making sure its latest patches are downloaded to more PCs.

Microsoft plans to release during the second half of the year software called Windows Update Services that it says will let companies download and install security patches it issues to fix vulnerabilities in Windows, Office, and other Microsoft products. The software, to be available as a free download for customers running Windows Server 2003, aims to replace a hodgepodge of installation techniques used by small and midsize companies today, senior VP Bob Muglia said during an interview at the Microsoft Management Summit conference in Las Vegas.

"The key for customers is getting these patches down," Muglia says. "The biggest issue right now is that when we issue a patch, it can take them weeks to get it installed after they're done testing it. We want it done right away."

Security flaws in Microsoft products have left many companies susceptible to Internet-borne viruses and worms, and Microsoft executives have said the flaws have caused some customers to delay purchasing plans for its business software. In a speech Tuesday, Muglia called data security by far the most important area of investment inside Microsoft.

Windows Update Services, which Microsoft is testing with hundreds of its customers, aims to replace methods that small and midsize companies use to apply Microsoft-issued patches, including software from other companies, Windows' built-in update feature for desktop PCs, and Microsoft's more-sophisticated Systems Management Server, aimed at large companies. Windows Update Services will replace a current Microsoft technology called Software Update Services. The new software can apply patches to Windows, will be able to patch Office apps by a summer round of testing, and eventually will handle patches for other Microsoft products, including Exchange and SQL Server, Muglia says. It can also install patches in pieces, detecting when a user's computer is least busy.

"Windows should know how to patch itself and any apps that run on it," Muglia says. Microsoft is working on the future capability for Windows Update Services to eventually install security patches and other updates from third-party software vendors and those written by business customers' IT departments. That work is slated to appear in Windows Longhorn and an associated developer tool suite code-named Orcas, expected in three to four years.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
Digital Transformation Myths & Truths
Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll