Microsoft

SOFTWARE GIANT Microsoft said today that it will extend its security bulletin advanced notification programme to all customers.
Starting this month, said VP Rich Kaplan at a conference this morning, Microsoft will publish a summary of planned bulletins three business days before the date it's published, which will be the second Tuesday of the month.

You can find details of that by going here, it said.

The notification provides details of the severity of possible security problems, as well as products that could be affected. You can register to be notified by email.

Microsoft still isn't ready to talk publicly about Office 12, its next major release of its information-worker family of products. But the company is briefing selected partners and customers about the forthcoming family of Office desktop and server products.

Microsoft has denied that a spoofing technique available on its Internet Explorer browser is a security vulnerability.

The software giant accepted the possibility that spoofing could occur on version six of IE, but rejected claims that this was a security flaw.

Cash machine networks could soon be more susceptible to computer viruses, a security firm has warned.
The warning is being issued because many banks are starting to use the Windows operating system in machines.

Already there have been four incidents in which Windows viruses have disrupted networks of cash machines running the Microsoft operating system.

But banking experts say the danger is being overplayed and that the risks of infection and disruption are small.

A UK GOVERNMENT REPORT into the viability of open source software has concluded that it is not only a credible alternative to proprietary software like Windows, it will also meet most of the requirements of desktop users.
The report, produced by the Office of Government Commerce (OCG), is an independent office of the Treasury, which holds the government's purse strings. It said that the main obstacles to implementing open source software are desktop applications, and the lack of apps to compete with large scale proprietary enterprise level products.

Microsoft Corp.'s chief executive believes it's naive to suggest the software giant can eliminate all security vulnerabilities in its various products even though engineers are trying hard to do so.

Hackers get smarter, too, Steve Ballmer told several thousand information-technology workers at the Gartner Symposium ITXPO.

But Mr. Ballmer said engineers were making progress, such as adding security enhancements to Windows Server 2003 when its next big update, Service Pack 1, comes out.

The British government is defending its decision to implement Microsoft Windows 2000 on some of its Navy fleet.

MPs and security experts have asked Ministry of Defence (MoD) minister Geoff Hoon to explain why the department has chosen to use the operating system on some of its submarines and ships instead of Unix.

The MoD has so far implemented Windows 2000 on its Type 45 Destroyer ship and some Trafalgar type submarines, but denied it has taken any decision to use it on its new nuclear submarine -- the Vanguard.

According to security researchers, recent updates to IE contain a serious fallback that
leaves systems once more vulnerable to a flaw that was fixed more than two years ago. This vulnerability, which involves how IE processes XML files, gives rise to information disclosure risks. The security bug was patched and closed back in Aug 2002, six months after Microsoft was initially notified about it by an Israeli firm. Microsoft rated the vulnerability as "moderate" when it fixed the flaw as part a cumulative update (MS02-047) to IE issued on August 22 2002.

Microsoft Corp's inclusion of a rudimentary on-by-default personal firewall in Windows XP Service Pack 2 has had so far minimal impact on other vendors and may prove a boon in future, the CEOs of two such companies said this week.

Symantec Corp CEO John Thompson, discussing the company's fiscal second quarter results, said Symantec's own client security software could be an "enormous benefactor" of the existence of Windows Firewall.

Antivirus companies say malware writers are undeterred by Microsoft’s $250,000 bounty after discovering another variant of the mass-mailing worm MyDoom over the weekend.

Since the start of 2004, the people responsible for creating MyDoom and Netsky have released on average more than one new variant every week. The latest version includes a message warning antivirus researchers to expect more of the same.