Microsoft: Security requires teamwork

The software giant also tells European customers that it is making progress with efforts to limit security attacks against its products.

Matt Hines
Matt Hines Staff Writer, CNET News.com
Matt Hines
covers business software, with a particular focus on enterprise applications.
2 min read
Microsoft on Thursday gave an upbeat assessment of its campaign to improve IT security in its products.

Speaking at the RSA Conference Europe 2004 in Barcelona, Spain, Rich Kaplan, corporate vice president of Microsoft's Security Business & Technology Unit, said the company remains focused on "evolving security challenges" and committed to working with other IT vendors to further its Trustworthy Computing initiative.

Kaplan indicated that a beta version of a service pack update for Microsoft's Windows Rights Management Services security package is close to arrival, along with its Security Bulletin Advanced Notification program. The executive also said Microsoft will launch its Internet Security and Acceleration Server partner validation program in the near future.

"Customers worldwide, both at home and at work, have told us that they need help minimizing the risk of malicious threats, and we believe this calls for the global IT community to band together to address these needs," Kaplan said at the conference, according to a statement issued by the company.

Last month, Microsoft announced a partnership with networking giant Cisco Systems, under which the two bellwether technology companies promised to collaborate toward making their respective security architectures more interoperable. The companies believe their efforts will result in fewer viruses showing up on corporate networks because of attacks on their products.

Security threats aimed directly at Microsoft products are common. Earlier this week, ScanSafe reported that an exploit targeting the software maker's Internet Explorer Web browser represented the highest number of hacking attacks in the second quarter. The London security company said the top hack during that time frame was Exploit.HTML.Mht, which attempts to download and install a malicious program on a computer by using a security breach in IE. The exploit was used to target almost twice as many victims as other exploits, ScanSafe said.

One of the most closely watched elements of Microsoft's security push is its Rights Management Services package, which aims to protect digital technology, such as Web content, documents and e-mail. The Redmond, Wash., company has created an e-mail address for use by companies seeking access to the beta version of the upcoming service pack.

Among the security benefits the company is pledging with the release are improved user authentication tools via the increased use of smart cards. The company said the update will offer the ability to more easily manage user accounts through the group settings in its Active Directory service pack release, which is currently scheduled to arrive during the first half of 2005.

Kaplan also said Microsoft has provided security training to more than 540,000 IT professionals and partners worldwide over the past year, including more than 170,000 in Europe alone. He said 18 European countries and NATO are currently participating in Microsoft's Government Security Program, providing source code access to the company's Windows and Office product lines, and ceding technical information to these governments about the entire Windows platform.