Azure Stack Gets Legal Assurances Under Azure IP Advantage Program
Microsoft's intellectual property (IP) indemnification program for Azure services has been extended to Azure Stack users, too, the company announced this week.
The indemnification program for users of Azure services, called "Azure IP Advantage," had its debut back in February 2017. With it, Microsoft provides assurances to its Azure customers that they have some defense against getting successfully sued for infringing the software patents of third parties.
The assurance comes in the form of a pool of 10,000 Microsoft patents used for defensive purposes in court cases. If a customer gets sued for IP infringement, Microsoft promises to give the customer one of its patents for countersuing purposes. Microsoft may also take up the legal fight on behalf of the customer under this program.
Now the Azure IP Advantage program covers Azure Stack, an appliance certified by Microsoft's hardware partners that lets organizations run Azure services in their own datacenters, instead of having to use Microsoft's public cloud infrastructure.
Here's how Microsoft characterized the indemnity support for Azure Stack, which adds protections for open source software use:
With Azure IP Advantage, Azure Stack services receive uncapped indemnification from Microsoft, including for the open source software powering these services. Eligible customers can also access a defensive portfolio of 10,000 Microsoft patents to defend their SaaS application in Azure Stack. This portfolio has been ranked among the top 3 cloud patent portfolios worldwide. They can also rely on a royalty free springing license to protect them in the unlikely event Microsoft transfers a patent to a non-practicing entity.
The "springing license" reference means that the patents that Microsoft may transfer to other companies under this program can't be used to make IP claims against other Azure customers.
In other Azure Stack news, Microsoft warned earlier this month that all Azure Stack systems are subject to "speculative execution"-type attacks associated with Intel, AMD and ARM processors (Security Advisory ADV180002). The attacks could result in information disclosure, such as the showing of password or encryption key information.
Operating system and firmware updates are needed in Azure Stack systems to ward off these speculative execution threats, called "Meltdown" and "Spectre" by researchers. Microsoft recommends applying the Azure Stack 1712 update to Azure Stack systems, although the update has some "known issues." Firmware updates, available from OEMs, are also needed after the Azure Stack 1712 update has been applied.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.