Security Watch

ASP.NET Fix Is Out

Microsoft released an out-of-band patch today that addresses the ASP.NET vulnerability previously described by Security Advisory 2416728.

Specifically the patch resolves complication stemming from a bug in ASP.NET that, in turn, affects all versions of the .NET Framework when used on Windows Server.

The software giant says most regular users of Windows systems aren't vulnerable unless they are running a Web server from their computer. However, enterprise Windows IT pros running with a network environment having anything to do with .NET should take a look at this.

"Based on our comprehensive monitoring of the threat landscape, we have determined an out-of-band release is needed to protect customers as we have seen limited attacks and continued attempts to bypass current defenses and workarounds, said Dave Forstrom, Microsoft's director of trustworthy computing, in this blog post.

Symantec Aims for 'Ubiquity'
Anti-virus and malware detection software behemoth Symantec plans to announce the rollout of a new reputation-based security technology, code-named "Ubiquity," across its entire enterprise security software portfolio.

The company says that unlike traditional malware protection, which requires security vendors to capture and analyze specific strains of malware, this technology enables Symantec to "identify risks by context rather than content."

"This proprietary technology relies on automated feedback generated by the anonymous software usage patterns of Symantec's customers and sophisticated data mining algorithms to compute safety ratings for virtually all files on the Internet," Symantec said in an e-mailed statement.

The company will elaborate on the initiative at its upcoming Vision 2010 EMEA Conference in Barcelona.

Redmond Targets SMB with Security Essentials
What started out as a free anti-virus software application for consumers, Microsoft Security Essentials will now be pitched to the small- and medium-sized business segment, according to this blog post.

Redmond will roll out the free service to SMB clients beginning in October and promises that the software will help MSPs "reduce operating costs," "improve productivity," and foster business growth -- all of this in a "very challenging economic climate."

If this rollout does catch on in the SMB space, it will be interesting to see when and how quick Microsoft will try to move up into the enterprise area and begin to challenge rivals such as Symantec, Sophos and McAfee. The last one is interesting: McAfee was recently acquired by Intel, and Intel wants to create an embedded security architecture inside its chips for mobile devices and high-performance PCs.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.


  • Microsoft Warns IT Pros on Windows Netlogon Fix Coming Next Month

    Microsoft on Thursday issued a reminder to organizations to ensure that their systems are properly patched for a "Critical"-rated Windows Netlogon vulnerability before next month's "update Tuesday" patch distribution arrives.

  • Microsoft Nudging Skype for Business Users to Teams

    Microsoft on Thursday announced some perks and prods for Skype for Business unified communications users, with the aim of moving them to the Microsoft Teams collaboration service instead.

  • How To Improve Windows 10's Sound and Video Quality

    Windows 10 comes with built-in tools that can help users get the most out of their sound and video hardware.

  • Microsoft Offers More 'Solorigate' Advice Using Microsoft 365 Defender Tools

    Microsoft issued yet another article with advice on how to use its Microsoft 365 Defender suite of tools to protect against "Solorigate" advanced persistent threat types of attacks in a Thursday announcement.

comments powered by Disqus