Microsoft will provide advanced notice to customers of upcoming patches, including what software and products will be affected, in an effort to allow customers to prepare and pre-roll patches instead of having to try and deal with issues after patches are released.
This move is all the more welcome in the face of 0-Day Viruses, viruses which are released the same day as patches are released. In a world of 0-Day Viruses, customers would receive a patch and often have to roll it out without knowing if it was actually safe to do so or they would have to leave their environments vulnerable knowing that a virus could hit it while they do impact assessments.
While Microsoft and security have typically been viewed as oxymorons, the companies recent moves both in terms of management tools and in terms of real security are becoming a proven fact as they release new generations of products. Both Windows Server 2003 and Windows XP Service Pack 2 have arguably been leaps forward in security. The company still has a lot of ground to cover both in terms of real security and in terms of industry perception, however if they can continue to deliver products at the level of, particularly, Windows Server 2003, it can only be a good thing.
In addition, Microsoft has announced the release of a service pack for Microsoft Windows Rights Management Service, which should impact favourably on both consumers and businesses. Microsoft is also calling on security and software around the world to continue working together in much the same way as Microsoft’s recent security partnership with networking leader Cisco.
“Customers worldwide, both at home and at work, have told us that they need help minimizing the risk of malicious threats, and we believe this calls for the global IT community to band together to address these needs,” Kaplan said at the conference, according to a statement issued by the company.
Overall, the IT and security industries have seen a greater willingness on Microsoft’s part to be open about internal processes. Whether this is simply a reflection of the transparency brought on by the companies 1000 plus bloggers or whether this is an ongoing corporate change being manifested in small actions remains to be seen. Either way, any moves towards greater transparency, community interaction, focusing on standards and increased security are welcomed by the entire industry.