The big news this week is that Microsoft has announced that AntiSpyware (which I reviewed earlier in Beta form) will be available free of charge. Mr. Gates chose his presentation at the RSA security conference to make the announcement. See the CNET news report for further details. Microsoft's AntiSpyware technology was recently acquired from Giant Software when Mr. Softie bought out the small security firm.
Secondly, despite the increasing market presence of Firefox, Redmond has announced that the next version of Internet Explorer, IE 7, will only be available for XP users.
Look for the new browser to debut about mid-summer this year and, since it will only run on XP with SP2 installed, I expect it will incorporate a number of welcome security features that have been sadly missing from earlier Microsoft browsers.
But in the midst of this turmoil what has been missed by many people is that Microsoft has done a 180-degree turnaround. Internet Explorer 7, as I understand it, will be a stand-alone browser, not tightly integrated with the operating system, despite the fact that it will apparently rely heavily on the security enhancements built into XP SP2.
For information right from the horse's mouth, so to speak, check out the MSDN blog on IE.
IE 7's deployment date has been moved around several times and has just been moved up. Now, if I were cynical, I might point out that a LOT of companies and even government agencies have been taking a serious look at Firefox 1.0, which already does a far superior job of blocking adware and probably also spyware (I can't comment on the spyware specifically, but Firefox certainly does a superb job on some adware that IE 6 ignores completely).
By the way, do you run XP? How about XP SP2? From the comments I've seen and feedback from my clients, only about 10 percent of the total number of users have XP Pro and probably a lot fewer have installed SP2. I know I wouldn't have installed it if I weren't paid to test such things.
Now, a cynic (moi?) might further point out that XP is pretty pricey and this might all be a stick to entice reluctant businesses to upgrade across the board.
But I'm not a Microsoft basher. I'm a realist/pragmatist. Everyone (everyone, that is, except the real fanatics) agree that XP, especially after installing SP2, is by far the most secure operating system Microsoft has ever released. Given that, is it any wonder that the company has decided that the only way to have a really secure browser is to make it run on its most secure operating system? You may not like it, but it makes a lot of sense to me.
Also watch for …
- Almost as soon as Microsoft published that massive security bulletin sweep and almost before I could report on it to my readers, some people in the security community—and hackers—were publicizing exploits for newly-announced vulnerabilities. It just goes to show you that you dare not be slow about applying patches, simply because Microsoft published them before exploits had been seen in the wild; these days it may only take a few hours from the time a new patch is released until someone has a way to attack those who haven't yet applied it.
- E-week has a good report on anti-spyware technology for the enterprise.
- For all those idiots who play video games (okay, I admit it, I own an Xbox too), Microsoft is shipping free new power cords for many older Xbox machines. Mine qualified by date and serial number, so they say it is on the way. You should go to www.xbox.com and see if yours needs replacing. If you bought it before the end of 2003, definitely check. Look at the date on the bottom and skip the process if it reads something after January 1, 2004, but although the actual problem date (23 October 2003 for North America and 13 January 2004 for Europe) is months earlier, why take the chance? Check it out; the replacement cord is free, although I wasn't at all happy about seeing that it required a phone number (no worries, the one I give out will just take them to information).
- For those who think spyware is a spiffy way to check on co-workers and spouses, check out the report of a Florida case on CNET. A wife wanted to see what hubby was doing on Yahoo and the judge ruled against her. "‘It is illegal and punishable as a crime under (state law) to intercept electronic communications,' wrote Judge Donald Grincewicz on behalf of a three-judge panel." She wasn't permitted to use the captured information in a divorce trial.
- New versions of MyDoom are getting some play on TV but they aren't particularly dangerous. It is mostly media hype for the time being, but it won't hurt to keep your virus signatures updated.