Microsoft's CEO Steve Ballmer announced a host of security initiatives at Microsoft's Worldwide Partner Conference in New Orleans yesterday. The company's aim is to protect its customers' systems against what Ballmer dubbed a "wave of criminal attacks".
This is Microsoft's latest effort to stem the tide of worms and viruses that target computers running its popular operating systems and software packages. The company will add new security features to Windows XP and Windows Server 2003, simplify the software patch distribution process as well as hold seminars that teach users to be security conscious.
Perhaps the most technologically significant changes will come from what Microsoft called new "safety technologies", which will be rolled into upcoming service packs for Windows XP and Windows Server 2003. These will allow customers to better protect their computers from attack, even in the absence of required software patches.
Protections against attacks on communications ports, such as the recent W32.Blaster worm, as well as malicious code in email messages and web pages will also be included. Microsoft could not yet comment on what those changes will be or whether they would affect the Windows operating system or Exchange and Outlook products.
Software updates for Windows XP and Windows Server 2003 scheduled for 2004 will include a more robust version of the current Internet Connection Firewall that ships with XP. Future changes will see the firewall activated by default and organisations being able to centrally manage desktop firewalls on its Windows machines.
Microsoft may also integrate behaviour-based blocking technology (developed with Pelican Security) with its default firewall, according to research firm Gartner analyst John Pescatore. By rolling the Pelican technology in with its firewall, Microsoft would be able to protect even unpatched desktops from new attacks such as the recent Slammer and Blaster worms.
Microsoft remained tight-lipped on the issue of antivirus technology. Despite the recent purchase of an antivirus engine and development talent from GeCAD Software, it was "too soon to tell" how antivirus technology might be used to protect Windows customers, according to Amy Carroll, director of product management in Microsoft's Security Business Unit.
On the patch management front, Microsoft will switch to a monthly software patch releases. The software behemoth said its customers have in the past complained that the current system of weekly patches was burdensome and needlessly complex.
Accordingly, the company will release fewer patches and try to consolidate multiple vulnerabilities affecting a single platform into one patch. For vulnerabilities that pose an imminent risk to customers, Microsoft will release patches as soon as they are available. The decision to release emergency patches will be handled on a case-by-case basis and correspond to the level of danger rather than the criticality of the patch, Carroll says.
Microsoft will also be working to reduce the number of patch installers used by its products. Currently, companies must contend with up to eight installers for Windows, SQL Server, Exchange and other products. Firms then use custom scripts to co-ordinate patching. By the first half of 2004, Microsoft hopes to have that number down to two installers ? one for the Windows kernel and one for application level patches.
In the area of user education, Microsoft will introduce new seminars and courses to teach customers how to secure their Microsoft products and networks.