Security Watch

ASP.NET Fix Is Out

Microsoft released an out-of-band patch today that addresses the ASP.NET vulnerability previously described by Security Advisory 2416728.

Specifically the patch resolves complication stemming from a bug in ASP.NET that, in turn, affects all versions of the .NET Framework when used on Windows Server.

The software giant says most regular users of Windows systems aren't vulnerable unless they are running a Web server from their computer. However, enterprise Windows IT pros running with a network environment having anything to do with .NET should take a look at this.

"Based on our comprehensive monitoring of the threat landscape, we have determined an out-of-band release is needed to protect customers as we have seen limited attacks and continued attempts to bypass current defenses and workarounds, said Dave Forstrom, Microsoft's director of trustworthy computing, in this blog post.

Symantec Aims for 'Ubiquity'
Anti-virus and malware detection software behemoth Symantec plans to announce the rollout of a new reputation-based security technology, code-named "Ubiquity," across its entire enterprise security software portfolio.

The company says that unlike traditional malware protection, which requires security vendors to capture and analyze specific strains of malware, this technology enables Symantec to "identify risks by context rather than content."

"This proprietary technology relies on automated feedback generated by the anonymous software usage patterns of Symantec's customers and sophisticated data mining algorithms to compute safety ratings for virtually all files on the Internet," Symantec said in an e-mailed statement.

The company will elaborate on the initiative at its upcoming Vision 2010 EMEA Conference in Barcelona.

Redmond Targets SMB with Security Essentials
What started out as a free anti-virus software application for consumers, Microsoft Security Essentials will now be pitched to the small- and medium-sized business segment, according to this blog post.

Redmond will roll out the free service to SMB clients beginning in October and promises that the software will help MSPs "reduce operating costs," "improve productivity," and foster business growth -- all of this in a "very challenging economic climate."

If this rollout does catch on in the SMB space, it will be interesting to see when and how quick Microsoft will try to move up into the enterprise area and begin to challenge rivals such as Symantec, Sophos and McAfee. The last one is interesting: McAfee was recently acquired by Intel, and Intel wants to create an embedded security architecture inside its chips for mobile devices and high-performance PCs.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.


  • Exchange Server June Cumulative Updates Arrive, but with Red Tape

    Microsoft released its quarterly cumulative updates (CUs) for Exchange Server 2013, 2016 and 2019 products this week, but added an extra step for IT pros to consider before installing them.

  • Moving an Old VM to a New Hyper-V Host

    So you want to know whether a Hyper-V virtual machine built on a legacy host will be supported by a newer server? There's a PowerShell command for that.

  • AI-Driven Solution Tracks Packets Through the Datacenter

    Datacenter solutions vendor Kaloom this week unveiled a new offering the company says will enable the development of "self-driving" datacenter networks.

  • Microsoft Previews Azure Bastion Service for Private VM Access

    Microsoft on Tuesday announced a preview of the Azure Bastion service, which lets a user connect to an Azure virtual machine (VM) using a private Internet connection.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.