Microsoft To Provide More Patches For Third-Party Apps - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

12:08 PM

Microsoft To Provide More Patches For Third-Party Apps

Some observers wonder if Microsoft's patch of Adobe Flash Player augers the company's permanent move to be more accountable for the security of bundled, partnered products in Windows.

Microsoft confirmed Wednesday that it will continue to patch third-party products that impact Windows.

Tuesday, Microsoft pushed out a patch to Windows XP, 98, and Millennium users for Flash Player, an Adobe-owned multimedia application that's bundled with those operating systems. It was the first time that the Redmond, Wash. developer had issued an update for a non-Microsoft product using its Windows Update service.

A Microsoft spokesman explained the decision Tuesday afternoon by saying that "Flash Player is a third-party technology that is redistributed by Microsoft in certain versions of Windows, therefore some Microsoft customers may be at risk.

"Microsoft is committed to protecting our customers from security threats and so has worked closely with Adobe to develop, test, and release security updates that help protect our mutual customers from these security vulnerabilities," he continued.

When asked Wednesday whether the Flash update was a one-time event or the beginning of a long-term practice, the spokesman's answer was oblique.

"I think Chris Andrew had it right when you quoted him as saying, 'Third-party vulnerabilities, when those third-party products are bundled with Windows, must be patched just as if they were Windows bugs,'" the spokesman added Wednesday.

Andrew, vice president of security technologies at patch and vulnerability management maker PatchLink, commented in a TechWeb story Tuesday about the three security bulletins Microsoft released, including MS06-020, the one which updates Flash Player.

"Is this a move to take more accountability of bundled, partnered products in Windows?" asked Mike Murray, director of research at vulnerability management vendor nCircle, in that same story Tuesday. "If so, that would be huge, a phenomenal step for Microsoft, to essentially 'own' security at any level that touches the Microsoft OS."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
Why 2021 May Turn Out to be a Great Year for Tech Startups
John Edwards, Technology Journalist & Author,  2/24/2021
How GIS Data Can Help Fix Vaccine Distribution
Jessica Davis, Senior Editor, Enterprise Apps,  2/17/2021
11 Ways DevOps Is Evolving
Lisa Morgan, Freelance Writer,  2/18/2021
Register for InformationWeek Newsletters
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll