Patches: What Do They All Mean?
My first alert to the batch of
patches
released yesterday was an e-mail from Microsoft PR with the numbers for
seven new patches. Wanting to know what holes they fixed, I read the description
of the first one, MS06-004: This hole "could allow an attacker to take
complete control of an affected system." That sounded serious so I read
the next one: The second hole "could allow an attacker to take complete
control of an affected system." Hmm...Word's cut and paste seems
to be working pretty well as all seven holes had the exact same description.
To find out more I had to wait for our roving reporter Stuart Johnston to dig
up the details and post it on Redmondmag.com. According to Stuart, while the
flaws all allow for hacker control of your machine, the attacks can come through
different vectors such as IE and Windows Media Player.
Do you like Patch Tuesday, and what would you do to improve the whole patching
process? E-mail me at [email protected].
Symantec Touts Full Compliance Solution
I recently had lunch with a Symantec compliance exec where we talked about the
piece-meal approach that IT is often forced to take to be in compliance. In
answer to that, Symantec is poised
to ship BindView Policy Manager 3.0, which the company claims solves a whole
host of compliance problems. Policy Manager helps create and enforce policies,
and pushes a single console that can track a number of items such as proper
anti-virus protection. It also lets IT define Universal Controls so that a single
policy can be used to enforce different compliance regulations.
How big a hassle is compliance and how do you handle it? Tell us at [email protected].
A Virtual Trio
So you think virtual machine software is a two-player game pitting the feisty
VMware against the market share-buying Microsoft? Wrongo. SWsoft is also in
the hunt with Virtuozzo. SWsoft doesn't pay much attention to clients:
What it cares about are servers. To ease adoption of Virtuozzo for Windows 3.5.1,
it just released
a migration tool to shift from physical servers to virtual servers (that
hopefully run on fewer physical boxes).
Do you use virtual machines and if so, what are the plusses and minuses? E-mail
me at [email protected].
Borland Has Another New Plan
Borland is one interesting, confusing company, at least for an outsider like
me. Started over two decades to sell a cheap version of Pascal, Borland became
a real rival to Microsoft in spreadsheets and databases. After Excel and Access
put the hurt on, Borland struggled for a new identity and even changed its name
to something so dull and meaningless I can't even remember. Last week
Borland transformed
again, ditching its well-regarded line of developer tools and driving full
bore into the application lifecycle management market. Hopefully the sell-off
of the programming languages and IDE wares will pay for its $100 million purchase
of Segue Software, an application lifecycle management vendor.
Subscribe
to Redmond Report |
This column
was originally published in our weekly Redmond Report newsletter.
To subscribe, click here. |
|
|
Going Mobile
After a decade of poking around the periphery, Microsoft is starting to make
big waves in the very center of the mobile space. Its core mobile OS is being
picked up by more and more third parties (including Palm), partly because it
is really beginning to work (don't get me started on my early attempts
to use Windows CE -- those slick pieces of hardware crashed more than Billy
Joel driving in the Hamptons).
Rounding out its growing portfolio, Microsoft just
bought a French maker of mobile search software. As you may have guessed,
Google and Yahoo are already in this game. But do Google and Yahoo have a full
OS for mobile devices? I didn't think so!
About the Author
Doug Barney is editor in chief of Redmond magazine and the VP, editorial director of Redmond Media Group.