Microsoft faces a critical decision in its three-month pursuit of Yahoo this week after its latest attempt to bring the embattled internet company to the negotiating table looked to have failed over the weekend.
The pressure on Microsoft to act mounted after Yahoo called the software company's latest bluff, refusing to be drawn into takeover talks in spite of a three-week ultimatum that expired on Saturday.
The former CEO of Fast Search & Transfer will lead Microsoft (NSDQ: MSFT)'s effort to create a single enterprise search platform based on Microsoft Search Server 2008 Express, Microsoft Office SharePoint Server 2007 search, and Fast ESP.
Microsoft on Friday reported the appointment in announcing the consummation of its $1.2 billion acquisition of Fast.
John Markus Lervik will transition to become Microsoft's corporate VP of enterprise search and will report to Jeff Teper, Microsoft's VP of its Office Business Platform.
Microsoft is denying that a recent rash of Web server attacks are the company's fault.
In a blog posted late Friday night, Bill Sisk, of the Microsoft Security Response Center, wrote that the attacks are not due to any new or unknown security flaws in Internet Information Services or Microsoft SQL Server. Rather, he says, the attacks are made possible by SQL injection exploits and points Web developers to the company's list of best practices to prevent such attacks.
Patch Tuesday could be Exploit Tuesday if malicious hackers escalate the rate at which they reverse engineer security patches.
Imagine the mayhem when the usual crew of Chinese and Russian hackers start cranking out exploits against flaws with new patches in minutes instead of days. Automatic patch-based exploit generation has been discussed and tested by a group of academic researchers.
Weak quarterly sales of Windows software and a below-target profit forecast for the current quarter overshadowed a strong outlook for the year ahead from Microsoft, driving its shares down 5% Thursday.
The world's largest software maker also pressed its attack on takeover target Yahoo as Chief Financial Officer Chris Liddell told analysts time was of the essence for a deal and he saw no evidence that a $44 billion offer undervalued the faded Web star.
Microsoft says it will release Windows XP Service Pack 3 by the end of the month, dropping the final shoe needed to complete its NAC architecture, which it calls network access protection (NAP).
The NAP client software is already part of Windows Vista, which is not as widely distributed as XP, so releasing the new service pack will boost the number of NAP-ready endpoints in corporate networks.
A massive cyberattack is targeting vulnerable Internet Information Server-based Web pages by redirecting visitors to the site toward one hosting malicious code, and it's growing rapidly.
When Panda Security first noted the infestation, it put the number of infected IIS servers at 282,000. Not even a day later and security firm F-Secure wrote its own blog entry, putting the infestation at over 500,000.
Last month, when I wrote about hacker Cesar Cerrudo's (left) plans to punch holes in the security model of Microsoft's brand-new Windows Server 2008, Redmond officials pinged me to stress that his presentation "describes design issues and does not describe a new vulnerability."
Late on Thursday Microsoft released an advisory about a new privilege escalation vulnerability affecting IIS and SQL Server on Windows XP, 2003, Vista, and Server 2008.
It’s likely that this is the same flaw discussed by Cesar Cerrudo in his talk, “Token Kidnapping”, at the HITB Security Conference 2008 in Dubai. Cerrudo had discovered a privilege-escalation vulnerability earlier, and said in March, “Design weaknesses can be abused on Windows XP, Vista, Internet Information Services 7 and Windows Server 2003 and 2008”.
Heck if I know, because Microsoft won't officially say. But Neowin claims inside information that I can't confirm.
You would think that Windows XP Service Pack 3's arrival would be news Microsoft would trumpet, particularly following a gargantuan leak. But n-o-o-o.
Here's the release schedule Neowin claims:
* Yesterday: Support for release version, which suggests RTM. If that happened, nobody has said.
* April 21: SP3 release through Connect, MSDN, OEM, TechNet and volume license channels.
