Security Watch
ASP.NET Fix Is Out
Microsoft released an out-of-band patch today that addresses the ASP.NET vulnerability previously described by Security Advisory 2416728.
Specifically the patch resolves complication stemming from a bug in ASP.NET that, in turn, affects all versions of the .NET Framework when used on Windows Server.
The software giant says most regular users of Windows systems aren't vulnerable unless they are running a Web server from their computer. However, enterprise Windows IT pros running with a network environment having anything to do with .NET should take a look at this.
"Based on our comprehensive monitoring of the threat landscape, we have determined an out-of-band release is needed to protect customers as we have seen limited attacks and continued attempts to bypass current defenses and workarounds, said Dave Forstrom, Microsoft's director of trustworthy computing, in this blog post.
Symantec Aims for 'Ubiquity'
Anti-virus and malware detection software behemoth Symantec plans to announce the rollout of a new reputation-based security technology, code-named "Ubiquity," across its entire enterprise security software portfolio.
The company says that unlike traditional malware protection, which requires security vendors to capture and analyze specific strains of malware, this technology enables Symantec to "identify risks by context rather than content."
"This proprietary technology relies on automated feedback generated by the anonymous software usage patterns of Symantec's customers and sophisticated data mining algorithms to compute safety ratings for virtually all files on the Internet," Symantec said in an e-mailed statement.
The company will elaborate on the initiative at its upcoming Vision 2010 EMEA Conference in Barcelona.
Redmond Targets SMB with Security Essentials
What started out as a free anti-virus software application for consumers, Microsoft Security Essentials will now be pitched to the small- and medium-sized business segment, according to this blog post.
Redmond will roll out the free service to SMB clients beginning in October and promises that the software will help MSPs "reduce operating costs," "improve productivity," and foster business growth -- all of this in a "very challenging economic climate."
If this rollout does catch on in the SMB space, it will be interesting to see when and how quick Microsoft will try to move up into the enterprise area and begin to challenge rivals such as Symantec, Sophos and McAfee. The last one is interesting: McAfee was recently acquired by Intel, and Intel wants to create an embedded security architecture inside its chips for mobile devices and high-performance PCs.
About the Author
Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.