OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Andy Richard (andrichardNA.KO.COM)
Date: Thu Oct 04 2001 - 08:28:48 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    In a conference call from Microsoft discussing their new Strategic
    Technology Protection Program, they mentioned that they were going to be
    doing more than just the CD with all the patches. This new initiative was
    to be called "Get Secure ... Stay Secure".

    The first product was going to be this CD that would be easy to install.
    Simply place the CD in, launch it, and it installs all the latest hotfixes,
    etc. It would also contain white papers, etc. on topics of security. It
    basically sounded like the MS TechNet CD with a focus on security only.
    Just like TechNet, it sounded like a pay service and would be put out
    periodically.

    The other product is going to be a new push service. You would expose
    one/all of your machines to this service and Microsoft will push out the
    patches to this machine automatically. As an option, you can choose to
    expose only one of your machines to their push server, and use that machine
    to test the environment to make sure it's not going to break anything. Then
    you can roll out the hotfixes from that machine. I believe it was mentioned
    that this would be a pay service. Sounds like Windows Update in reverse.

    There were several people on the call who took the opportunity to question
    what it was that Microsoft was going to do to fix the problems before they
    roll out the door. One person asked what steps Microsoft was going to take
    in house to prevent software from rolling out the door that was then
    subjected to the buffer overrun of the week event. Microsoft says that they
    have development tools already in place that check code for just these
    problems. As these holes are exposed, they go back and re-write the
    development tools so that the problem will not pass the code checkers
    again.

    Just thought this information might come in handy.

    Andy Richard
    The Coca-Cola Company
    Intranet Support/Utility

    ============================================================================
    Delivery co-sponsored by Trend Micro, Inc.
    ============================================================================
    BEST-OF-BREED ANTIVIRUS SOLUTION FOR MICROSOFT EXCHANGE 2000
    Earn 5% rebate on licenses purchased for Trend Micro ScanMail for
    Microsoft Exchange 2000 between October 1 and November 16. ScanMail
    ensures 100% scanning of inbound and outbound traffic and provides
    remote software management. For program details or to download your
    30-day FREE evaluation copy:
    http://www.antivirus.com/banners/tracking.asp?si=53&BI;=245&UL;=http://www.ant
    ivirus.com/smex2000_rebate