Security Watch

Hackers Know It's All In the Timing

Patch Tuesday reminds us once again that hackers will always be a step ahead. Plus: Outlook issue to be fixed out of band; Intel's intentions with McAfee buy seem questionable.

Two months into 2011, Microsoft has gone from two patches to 12. Even though many of the issues fixed in yesterday's Patch Tuesday release were zero-day bugs that Redmond didn't have time to fix last time, many security pros believe this is entirely the point.

On top of that, Redmond came up just short on patching the MHTML issue. Even though Microsoft released a workaround for that issue, the question once again arises as to whether patches can ever beat back hackers.

The software giant has pointed out that the threat level for the MHTML issue is low. Still, ESET researcher Aryeh Goretsky points out in this blog post, "We have also seen countless examples in the past where vulnerabilities in a popular operating system or application have been exploited on a massive scale."

And so it goes. Redmond remains the best in the business when it comes to timely and comprehensive patches, but hackers know that security lead times and the administrative girth of security updates will continue to be the bane of Windows IT and security generalists.

Outlook Fix To Be Reworked
Speaking of lag time, it appears the third time will be the charm for an especially troublesome Outlook issue. First released Dec. 14, 2010, the Outlook 2007 patch was pulled days later, then reissued Jan. 11, 2011. And now this: "We've found an issue...which may result in users being unable to access their archive mailbox," wrote Bharat Suneja, a senior technical writer with the Exchange team, in this post.

It's not really a security issue, but a functionality problem with Exchange 2010 Service Pack 1, which first rolled out last August.

The Outlook fix isn't part of this month's fixes, but Suneja indicated that a hotfix, tweak or full re-release of the update would be part of another cumulative patch for Outlook 2007 later this month.

Intel Intent with McAfee Still Unclear
As Intel awaits a U.S. Department of Justice nod on its mammoth acquisition of AV software company McAfee, some in the security community question the assertion that Intel is developing functionality that will prevent zero-day threats at the chip level and whether such functionality will ultimately prove anticompetitive and freeze out security vendors.

"To date, Intel's intent and vision behind the deal has been muddy at best," said Lumension CEO Pat Clawson. "This deal certainly ruffled a few feathers when it was being passed through."

Clawson says that Intel's pledge to the EU Competition Commissioner that it will provide rival security firms with access to the necessary information to allow their products to use Intel's chips is "reflective of one market reservation over this acquisition."

The real pressing concern, Clawson adds, is whether it's acceptable among third-party security firms and PC vendors using Intel chips -- to say nothing of users -- for Intel to impose security on the devices that they ship. Justin Rattner's indication that Intel is developing functionality that will prevent zero-day threats on the device is interesting, but the feasibility needs to be explored.

"The lack of an official announcement on (Intel's) intention for the deal has left the market pondering what exactly it will do next," Clawson said. He concedes that security innovation on the mobile devices would certainly "be an interesting and most likely welcome addition to the consumer handset market."

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

