Flaws, hackers highlight week in Windows

We've wrapped up this week's news highlights in a tidy, little package. Three patches, open source declaring open season on Exchange, and stock that's no longer an option earned the bold type for the second week of July.

We're going to do things a little differently around here on Fridays. We'll be giving you a weekly wrap-up -- the top Windows headlines and Microsoft-related stories of the week. Think of it as a weekly "Greatest Hits" package, only with information about patches, service packs and new products instead of music, and links instead of liner notes.

Oops, they patched it again

It's nice to see that life is getting back to normal in the Windows world -- the boldest of this week's Windows headlines warned of not one, not two, but three Windows flaws.

Of the trio of trouble spots, the most serious could let a hacker run code on a victim's PC. The flaw is in the HTML converters of Windows XP, Windows 2000, Windows 98, Windows 98 Second Edition, Windows ME, Windows NT 4.0 Server and Windows Server 2003.

Give some brownie points to "Trustworthy Computing." Although the flaw is rated "critical" in the older systems, it's only rated "moderate" in Windows Server 2003, thanks to improved security features.

The other pair of flaws, rated "important," deal with buffer overflow issues in Windows NT, Windows 2000 Server and Windows XP, as well as a flaw within Windows 2000's utility manager.

Patches for all three flaws are available on Microsoft's Web site.

Hacker challenge yawns to a close

The great hacker challenge sounded scary, but it turned out to be more "slack" than "hack."

Hacker groups held a contest last weekend, awarding points to those cybervandals who broke into Web servers and trashed pages. Fewer points were awarded to those who broke into Windows systems -- evidently, Windows has that "candy from a baby" vibe. Breaking in is considered too easy.

Security experts said that administrators took last week's warnings seriously and locked down their systems in anticipation of trouble, thus the defacement contest did not result in disaster.

Windows Server 2003 gets down to e-business

Microsoft is working on a solution for solution providers -- service packs for e-business servers so they can run on Windows Server 2003.

The company announced that SP1 for Content Management Server 2002 should go out Aug. 1; it will support Visual Studio .NET 2003 and the .NET Framework 1.1. SP2 for Commerce Server 2003 should be ready two weeks after that.

Add another prong to the penguin's attack

Open-source is about as enjoyable as an open wound to Microsoft -- and now the company has another open-source thorn in its side -- OpenGroupware.org.

This is an effort to develop groupware server software to exchange blows with Exchange Server. But it will be an uphill battle. According to a study released this week by the Radicati Group, Exchange still rules the enterprise messaging roost, with 32% of the market. Lotus Notes and Domino has a quarter of the market.

Options are not an option

Although the Mercury News reported that stock options are alive and well in Silicon Valley, Microsoft has dropped its stock option plan for employees, opting instead to award its 50,000 employees with shares of company stock outright.

CEO Steve Ballmer said the company hopes that stock grants will help Microsoft attract and retain the best workers in the high-tech industry.

SOURCES

SearchSecurity.com for Critical Windows alert issued and Major sites survive defacement challenge

CRN

InternetNews

InternetWeek

The Associated Press

FOR MORE INFORMATION:

State of the overhaul -- Microsoft updates patch progress

At your service: Windows 2000 SP4 released

Browse the security offerings in our Product and Vendor Solution Center.

Best Web Links on security

Ask an expert a question about security.

Talk about Exchange in our forum

Dig deeper on Windows Operating System Management

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close