Security Advisor
Vista SP1 Infections Increasing
Plus: Former Microsoft CSO steps down from government position, 10 years of Trustworthy Computing
Microsoft clarified this week on a finding in its latest Security Intelligence Report (SIR) that saw a dramatic uptick on the malware infection rate of systems running Windows Vista SP1.
According to Microsoft's study, not only did those infected dramatically increase, but it outpaced the infection rate of Microsoft's Windows XP SP3.
What's the difference between the two OSes? One is still receiving Windows support, while the other is all alone in the wild. Bet you can guess which one is still receiving support.
Microsoft's figures have systems running Vista SP1 clocking in 17 percent more infection rates than XP SP3.
The good news is that Microsoft has an obvious fix to alleviate this issue: update your system.
"If you are still running systems with Windows XP SP2 or Windows Vista SP1 in your environment, you need to install the latest service pack on these systems immediately as they are no longer automatically receiving security updates from Microsoft," wrote Tim Rains, a director with Microsoft's Trustworthy Computing group, in a blog post.
U.S. Cyber Czar Steps Down
After hearing this news I did a quick Google search and, yup, there really exists a cyber czar position in the government.
And it was occupied by former Microsoft CSO and co-founder of the Trustworthy Computing Group Howard Schmidt. He accepted the title under the Obama administration in 2009 after serving in a somewhat similar role (but different title) for President Bush.
His biggest contribution included the adoption of the National Strategy for Trusted Identities in Cyberspace, which set the framework for private companies to verify identities of customers online. Also, recently he has been vocally critical to the Cyber Intelligence Sharing and Protection Act (CISPA), and is believed to be instrumental on the White House's decision not to support the act.
"It has been a tremendous honor for me to have served in this role and to have worked with such dedicated and professional colleagues both in the government and private sector," Schmidt said in a statement. "We have made real progress in our efforts to better deal with the risks in cyberspace so, around the world, we can all realize the full benefits that cyberspace brings us."
Schmidt is succeeded by Michael Daniel, who has worked in the Office of Management and Budget's national security division for over 15 years.
10 Years of More Secure Microsoft Software, Annoying Patch Tuesdays
Bill Gates' initiative to strengthen Microsoft's involvement in securing its software is a decade old, and Redmond's Jeffrey Schwartz has penned a great tribute to the Trustworthy Computing.
And even though Gates' presence has been gone from the day-to-day activity in Redmond, the company's security policy has not wavered. It still works hard to bring timely software updates when issues arise and, as evident in the recent takedown of the Zeus botnet ring, is taking a lead role in finding and prosecuting those that look to do harm online.
Check out Jeff's piece, in which he chronicles Gates' ultimatum to improve security protocol, discusses that while Vista was a commercial disappointment, it was a huge leap in OS security technology and even talks to a few of the former Trustworthy Computing critics that are now big fans of the initiative that companies like Oracle and Apple are trying to duplicate.
What's your opinion on how Microsoft's styance on security has changed over the past 10 years? Send your thoughts to [email protected].