Windows & .NET Magazine UPDATE--Microsoft Hones Security Strategy ... Again--March 2, 2004

This Issue Sponsored By


SITEKEEPER(R): Automated inventory, software installs


Commentary: Microsoft Hones Security Strategy ... Again

Hot Off the Press
- Microsoft Execs Hit the Streets to Pump Up a Slowing Leviathan

New and Improved
- Purchase Network-Messaging Software for Your LAN
- Antivirus for SharePoint Available
- Tell Us About a Hot Product and Get a T-Shirt!

Contact Us
- See this section for a list of ways to contact us.

==== Sponsor: NetIQ ====
FREE AD ROI Calculator - Reduce User Management Costs
Now that you've navigated your Active Directory migration, are you struggling to get the most out of your investment? NetIQ can help you accelerate your return on Active Directory investments and leave security exposures in the dust. Download NetIQ's FREE Active Directory ROI Calculator to determine how much you can save by eliminating the need for help-desk intervention on Windows password resets through end-user self service. You'll discover how to reduce help desk call volume by up to 40 percent, reduce manual processes and secure Active Directory with task delegation, centralized auditing and Group Policy management. Calculate your ROI now.


==== Commentary: Microsoft Hones Security Strategy ... Again ====
by Paul Thurrott, News Editor, [email protected]

At the risk of sounding like a broken record, the past few months have been tough for Microsoft security. The company has taken a number of beatings, from viruses and worms to source code leaks, causing customers and analysts to wonder whether Microsoft's vaunted Trustworthy Computing initiative has been nothing more than a public relations disaster aimed more at quelling customers' fears than in revolutionizing the way Microsoft develops software. Last week, at the RSA Conference 2004 in San Francisco, Microsoft Chairman and Chief Software Architect Bill Gates stood before an atypically unfriendly crowd and came out swinging, reasserting his belief that Microsoft is not only making steady improvements to security but is, in fact, winning the war. Let's look at what he said and examine the security technologies Microsoft plans to roll out over the next several months. Chances are, one or more of these technologies will significantly affect your day-to-day lives.

"There are a lot of different challenges out there," Gates noted. "We've got to have the right tools. We've got to have the right processes. The people who attack these systems are getting more and more sophisticated. For every time we take a type of attack and eliminate that as an opportunity, they move up to a whole new level. And that's not an unending process. We can make it dramatically more difficult, but we have to keep that in mind: This is a measure-countermeasure type environment." Complicating matters are the proliferation of wireless networks and connected non-PC devices, many of which interface with PCs but offer little or no security of their own.

As a software company, Microsoft is concerned primarily with technology-based solutions to security, but the company should also be credited for its nontechnical work educating users and working with governments to push security-related legal initiatives. Of course, one might argue that these initiatives are required only because Microsoft's software is so insecure, but I've long opined that had Microsoft's customers demanded security years ago, the company would have delivered. Don't get me wrong: When it comes to today's security problems, there's plenty of blame to go around, and Microsoft deserves its fair share of the blame.

So here we are in early 2004, and the company has a plan--an ever-evolving response to security that, for this year at least, largely involves shoring up its current products, including Windows Server 2003, Windows XP, and Windows 2000, to be more secure. Presumably, the company will deliver its next-generation products, such as Yukon and Longhorn, in more secure form than the products we're using today. For the short term, we're stuck with retrofitting current products for security while new products are rolled out. So here's what Microsoft's security roadmap looks like for the rest of 2004, in roughly chronological order.

SMS 2003

Microsoft's premier patch updating and Change and Configuration Management (CCM) server, Systems Management Server (SMS), will get a major overhaul this spring with the release of SMS 2003, which includes vulnerability identification and vulnerability assessment services, a handy Patch Deployment Wizard, and several other security-oriented features. We'll look at this release more closely in the coming weeks.

"Windows XP SP2 \[Service Pack 2\] is a release that's totally focused on security," Gates said. "And, in fact, today, this is the primary focus of the Windows team. We've got some portion of them still working on the major featured-oriented release that's off in the future, code-named 'Longhorn,' \[that is\] very exciting, but we prioritized the resources and the activities around what's an intermediate release under the name SP2 that is just security oriented." Microsoft will ship XP SP2 by midyear, I'm told, and will include three key features: a new, more powerful Windows Firewall; a more secure version of Microsoft Internet Explorer (IE); and the new Windows Security Center, which is a dashboard of sorts for security settings. I've examined XP SP2 quite a bit here in Windows & .NET UPDATE, but if you need more information, I've written a comprehensive overview for the SuperSite for Windows at the following URL:

SUS 2.0
A major update to Microsoft's free patch-management service, Software Update Services (SUS) 2.0, is due this spring as well and should be a significant enhancement. I can't write much about this exciting product yet, but stay tuned.

Microsoft Update
Due concurrently with XP SP2, Microsoft Update will consolidate all Microsoft's product update downloads into one site customized for your system. So users with both Windows and Microsoft Office, for example, will see updates to both of these systems when they visit Microsoft Update.

ISA Server 2004

A major refresh of Microsoft's corporate firewall product, Internet Security and Acceleration (ISA) Server 2004, will ship in the first half of the year. ISA Server will sport a significantly enhanced UI, real-time monitoring, a Visual Policy Editor, and integration with Microsoft's other products, including support for filtering Exchange HTTP traffic.

Windows Server 2003 SP1

Due in the second half of 2004, Windows 2003 SP1 will feature a roles-based Security Configuration Wizard (SCW) that will help you securely set up and duplicate servers across your business. The SCW blocks unnecessary ports and services, making for a more secure system; so, for example, if you want to configure a Windows 2003 server as a Web server, it will be a Web server and nothing else.

Moving past 2004, Microsoft has more nebulous software releases coming down the pike. A technology currently called Active Protection Technology will make "computers resilient in the presence of worms and viruses by preventing and containing attacks," according to Gates. "Active Protection Technology represents the next generation of how systems will watch activities and understand what the appropriate policies should be." The idea is that prevention is all well and good, but Microsoft feels it should design the OS to respond correctly if errant code somehow makes it inside the system. The company is also working on something called Exchange Edge Services, an extensible technology which "will relay email to and from the Internet, allowing users to add and apply email routing rules as well as advanced filters from Microsoft and other software makers to minimize junk email and to locate and neutralize viruses." It's unclear how Exchange Edge Services will be delivered. It might be an add-on for Exchange Server 2003 or included in a new Exchange version.

There's more, of course, but I'm out of space again and could potentially spend the rest of my life detailing Microsoft security enhancements. But in an effort to at least portray some good news, consider the following: In the first 300 days after the launch of Win2K, Microsoft issued 38 critical or important security bulletins. Windows 2003 has suffered through only 9 such incidents in the same amount of time. Hey, maybe Windows security really is getting better.


==== Sponsor: SITEKEEPER(R): Automated inventory, software installs ====
FREE DOWNLOAD! Automate your systems management in under an hour! With new SITEKEEPER 3.0, you can easily manage and distribute software patches and updates, track license compliance and inventory hardware and software – all within an hour of installation. Sitekeeper does not require dedicated servers, special training or expensive databases, so it easily fits into your budget. Start managing your systems RIGHT NOW with SITEKEEPER 3.0 – click the link to try it free for 30 days!


==== Hot Off the Press ====
by Paul Thurrott, [email protected]

Microsoft Execs Hit the Streets to Pump Up a Slowing Leviathan
After two decades of hypergrowth, the Microsoft juggernaut has slowed dramatically, so for the past few weeks the company's two most famous executives have been out stumping for a kinder, gentler software giant. In the new Microsoft they're projecting, however, growth will slow and new recruits will have to be convinced that a career in software development is exciting, not a chore. Blame the company's security problems for the most recent dip in interest in Microsoft, if you like, but these problems have been digging away at the company's core strengths for years as it struggles to duplicate its Windows and Microsoft Office duopoly's success in other markets. So Microsoft CEO Steve Ballmer and Chairman and Chief Software Architect Bill Gates have turned up the volume a notch--as if to say, "Hey, we still matter." To read the complete story, visit the following URL:

==== Announcements ====
(from Windows & .NET Magazine and its partners)

Windows & .NET Magazine Connections
Windows & .NET Magazine Connections features speakers from Microsoft and other top independent experts. Complete details about workshops, breakout sessions, and speakers are now online. All attendees will get a chance to win a Florida vacation. Keep your competitive edge by learning from the world’s best experts. Go online now to register.

New eBook--Become a Master in Tools that Ease Computer Management Tasks and Diagnostic Tools
This eBook provides a practical introduction to some of the most important tools in the resources kits and the Support Tools that the Windows 2000 and Windows NT professional editions provide. You'll learn about computer management tasks, desktop production, network management, the browser monitor, and more. Download this free eBook today!

~~~~ Hot Release: Whitepaper: Microsoft Exchange-Integrated Faxing ====
Looking to replace your fax needs completely with email?
Need an easy, cost-effective way to make users productive? Learn how to merge fax into an Exchange and Outlook environment with this new white paper, "Technology Update: Exchange Integrated Faxing." Download (trial & ROI)

==== Instant Poll ====

Results of Previous Poll: Outsourcing
The voting has closed in Windows & .NET Magazine's nonscientific Instant Poll for the question, "Are you concerned about outsourcing and do you currently outsource any of your IT needs?" Here are the results from the 313 votes:
- 40% Yes, I'm concerned, and we currently outsource some or all of our IT needs
- 37% Yes, I'm concerned, but we don't currently outsource any of our IT needs
- 7% No, I'm not concerned, and we currently outsource some or all of our IT needs
- 16% No, I'm not concerned, and we currently have no plans to outsource our IT needs

New Instant Poll: Mobile Device OSs
The next Instant Poll question is, "Which mobile device OS does your company support?" Go to the Windows & .NET Magazine home page and submit your vote for a) Microsoft Windows Mobile (e.g., Pocket PC, Windows Smartphone), b) PalmOS (e.g., Palm, Handspring, Sony CLIE), c) Research In Motion's Blackberry, d) All of the above, or e) None of the above.

==== Resources ====

Featured Thread: Slow and Choppy Scrolling
Forum member tech_bot performed a clean installation from Windows 2000 Professional to Windows XP Professional Edition. Now when he tries to scroll, it's slow and choppy, even though the system scrolled fine on Win2K. He has tried the performance settings with no results. If you can help, visit the following URL:

Tip: Why can't I reduce my taskbar to one line?
by John Savill,
In Windows 98 and later, you can drag the taskbar one row at a time (if it isn't locked) to fill half the screen or to hide it entirely. However, I recently encountered a problem in which the taskbar wouldn't reduce to the default setting of one line (it either appeared as two lines or none but not one).
I discovered the problem was that I had a toolbar set to start directly underneath another toolbar, which I was able to confirm by unlocking the taskbar (right-click the taskbar and clear the checkmark next to "Lock the Taskbar"). As the figure at shows, two separate group start lines were set to appear one directly above the other. To resolve the problem, I dragged the lower group start line up to the other group start line and resized the taskbar to appear on one line.

==== Events Central ====
(A complete Web and live events directory brought to you by Windows & .NET Magazine: )

New Web Seminar--Realizing the Return on Active Directory
Join Mark Minasi and Indy Chakrabarti for a free Web seminar and discover how to maximize the return on your Active Directory investments and cut the cost of security exposures with secure task delegation, centralized auditing, and Group Policy management. Register now and receive NetIQ's free "Securing Access to Active Directory-A Layered Security Approach" white paper.

==== New and Improved ====
by Carolyn Mader, [email protected]

Purchase Network-Messaging Software for Your LAN
Softros Systems released Softros Messenger, network-messaging software for LANs, WANs, and intranets. The software doesn't require a server and can correctly identify all Windows XP/2000/NT user accounts. Softros Messenger provides strong encryption options for all incoming and outgoing messages so that no unauthorized person ever reads personal correspondence. Pricing is $12.95 for a single license.

Antivirus for SharePoint Available
Sybari Software announced that its antivirus and content-filtering software, Antigen 7.5 for Microsoft SharePoint, has gone gold. The latest addition fully supports Microsoft Office SharePoint Portal Server 2003 and Microsoft Windows SharePoint Services. Antigen features document-filtering capabilities, real-time protection of multiple SharePoint Document Libraries, and seamless integration with Microsoft SharePoint Virus Scanning API.

Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected]

==== Sponsored Links ====

Surf Control
SurfControl Web Filter manages Internet risk. Try it FREE for 30 days.;7342764;8214395;q?

VERITAS Software
"Improving Application Performance on Storage Arrays" Webcast from VERITAS Software.;7368533;8214395;s?


==== Contact Us ====

About the newsletter -- [email protected] About technical questions -- About product news -- [email protected] About your subscription -- [email protected] About sponsoring UPDATE -- [email protected]

This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today.

View the Windows & .NET Magazine Privacy policy at Windows & .NET Magazine a division of Penton Media, Inc. 221 East 29th Street, Loveland, CO 80538, Attention: Customer Service Department Copyright 2004, Penton Media, Inc. All Rights Reserved.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.