Microsoft happy with progress in securing products

The past two or three weeks have been pretty bad ones for Microsoft but the operations manager of the company's security response centre believes that it is following the right road to making its products secure.

Iain Mulholland said security could not be ensured overnight and, as proof of progress which the Trustworthy Computing Initiative, set in place by the company's co-founder Bill Gates, had made, he pointed to the fact that Windows Server 2003 has had less vulnerabilities than Windows Server 2000 in a comparable period.

He defended the time which the company takes to release patches for vulnerabilities - most recently, 200 days were taken to patch a vulnerability in Abstract Syntax Notation One, a language which defines the way data is sent across dissimilar communication systems - by saying that the quality of the patch had to be ensured.

Any patch had to be tested against at least 1000 applications as there were that many that were being run by various businesses on its operating systems, Mulholland said.

 View: Full Story
 News source: SMH.com.au

Intel Exec Sees 64-Bit Irrelevant for Home PCs Now

SAN FRANCISCO (Reuters) - A top Intel executive said 64-bit technology, which gives computers greater memory capacity and more powerful data crunching abilities, would not become relevant to home PC users until sometime in 2006, later than anticipated by Intel's rival, AMD.

William Siu, the general manager in charge of Intel's desktop computer chips business, made the comments on Wednesday in an interview with Reuters, a day after Intel reversed course and endorsed 64-bit computing for its entire line of business computer chips.

Siu, however, did not say that Intel would necessarily wait until 2006 to introduce the feature into its desktop computer chips. Intel has held that it will offer the feature when it determines that an "ecosystem" of operating systems and software to support the feature has developed.

 View: Full Story
 News source: Reuters

Linux Kernel Flaws Uncovered

Security researchers are warning of potentially serious vulnerabilities in the Linux kernel that could allow malicious hackers to gain full super-user privileges.

The vulnerability affects the 2.6.x branch prior to version 2.6.3 and the Linux kernel memory management code.

Experts note that the latest bug is unrelated to a previous vulnerability in the same internal kernel function code.

Users are urged to update to version 2.6.3 at the Linux Kernel Archives.

According to an advisory issued by Secunia, a boundary error in the "ncp_lookup()" function causes the privilege escalation flaw.

 View: Full Story
 News source: InternetNews