PRO+ Premium Content/Information Security magazine

Thank you for joining!

Access your Pro+ Content below.

February 2003

Microsoft Security Response Center revamps its patch processes

This article is part of the Information Security magazine issue of February 2003

The Code Red and Nimda worms revealed severe problems in Microsoft's security alerting system. Despite the availability of patches weeks before either worm hit the Internet, few users--particularly enterprises--deployed them. We always took security seriously and were committed to it, but much more of the company takes it much more seriously in the aftermath of Code Red and Nimda. Steve Lipner, directorMicrosoft security assurance The problem was twofold: Some users found Microsoft's advisories difficult to understand or didn't receive them at all; others had a difficult time obtaining and verifying the patch. The situation prompted a complete revamping of the Microsoft Security Response Center (MSRC), the gateway for vulnerability reports and security fixes. "We always took security seriously and were committed to it, but much more of the company takes it much more seriously in the aftermath of Code Red and Nimda," says Steve Lipner, director of security assurance, who oversees the MSRC. "We know it's important to get it all ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

Microsoft security improving, while Trustworthy security lacks effort
by Lawrence M. Walsh
Microsoft is making significant strides to clean up its security mess, but Trustworthy Computing still has a long way to go.
Microsoft Security Response Center revamps its patch processes

Microsoft Security Response Center revamps its advisory and patch processes.
Microsoft's internal auditor discusses the company's IT security outlook

Scott Charney is Microsoft's internal auditor, see what he and his team control.

Profile: Symantec CEO John Thompson
by Anne Saita
Symantec's CEO breaks business and cultural barriers in his drive to build a security superpower.
NetIQ's five-point security architecture

Even with expanded support and agents, NetIQ's SIM product remains a Windows-centric solution.
How to address enterprise IT security concerns with executives

Five tips to win friends and influence C-level execs in your organization.

Columns in this issue

Next-generation security awareness training
by Andrew Briney
Put your posters and buttons away. A more effective solution is at your fingertips.
Hacking in 2003: Examining this year's hacking techniques

A look at the foibles, follies and felons of infosec in 2003.
Using HoneyD configurations to build honeypot systems
by Marcus J. Ranum
Spoofing, diversion and obfuscation are all part of honeyd's powerful arsenal.

Detecting a Linux server hack
by Jay Beale
Learn how to detect if your Linux server have been hacked or compromised.
Tips and tricks for IDS deployment best practices
by Jack Danahy, Contributor
Intrusion detection remains an over-hyped technology because most companies have no idea what to do with it.

View Information Security magazine Archives

SearchCloudSecurity

Access your Pro+ Content below.

Microsoft Security Response Center revamps its patch processes

Access this PRO+ Content for Free!

Features in this issue

Microsoft security improving, while Trustworthy security lacks effort

Microsoft Security Response Center revamps its patch processes

Microsoft's internal auditor discusses the company's IT security outlook

Profile: Symantec CEO John Thompson

NetIQ's five-point security architecture

How to address enterprise IT security concerns with executives

Columns in this issue

Next-generation security awareness training

Hacking in 2003: Examining this year's hacking techniques

Using HoneyD configurations to build honeypot systems

Detecting a Linux server hack

Tips and tricks for IDS deployment best practices

Considering cloud threat intelligence and detection services

CyberArk warns of 'shadow admins' in cloud environments

How enterprises should handle GDPR compliance in the cloud

Top application delivery controllers offer range of options

New Accedian SkyLIGHT PVX has root-cause analytics

New CDN services give providers an edge in WAN marketplace

The CIO voice in the boardroom: Skills needed to get there

Workplace 'mindfulness' as coping mechanism for AI disruption

Juniper CEO Rahim stresses cybersecurity training, automation at RSA 2018

Manage Windows 10 desktops, mobile devices with EMM software

Spectre and Meltdown vulnerabilities show haste makes waste

Workflow automation software improves LA court productivity

Users demand more from containers in cloud

IaaS and PaaS blurred lines increase lock-in risks

Single pane of glass for multi-cloud management still elusive

Gartner predicts AI will add $1.2tn to companies’ earnings in 2018

Scotland’s digital health and care strategy highlights need for collaboration

Home Office Brexit app only works for Android users