Home > Computers and Internet > WMF Vulnerability Webcast: Microsoft Security Process Questions Remain

WMF Vulnerability Webcast: Microsoft Security Process Questions Remain

09-Jan-06 07:12 pm EST Leave a comment Go to comments
(Crossposted from professional blog…)
 

Well there was some interest expressed in what came of this last week, so thought I’d take a moment to describe here what transpired.  The webcast was the largest I’ve ever attended – the LiveCast seating grid located in the bottom-left of the screen (for those familiar with Live Meeting) was a greyish haze. 🙂  And the litle green dots representing those “seated” for the event was about 60% full.

While I didn’t devote 100% of my attention to the webcast (was working on portal cirriculum while it was going on), the subject matter dealt mostly with the nature of the .wmf file vulnerability, it’s causes and system impact potential – which represented a considerable threat to Windows systems everywhere & was a high-profile issue for Microsoft.  Questions following the presentation focussed on processes for patch install over an Enterprise network, who should install, underwhat circumstances (which pretty much was everyone / any & all circumstances).  But the presenters touched on one subject that caught my ear: the process involved in Microsoft establishing a vulnerability & the escallation process prior to the release of a patch.  This, because there were a number of 3rd-party patches released on this particular vulnerability (because of the threat level one would imagine) before Microsoft was able to get the “official” patch released.

Now Microsoft’s credit (and I’m speaking as a MS technology advocate) they obviously treated this threat very seriously and speared few if any resources getting it resolved.  Yet the bare fact others beat them to the punch leaves open the question about whether they couldn’t have released this patch sooner.  The process the software giant usually follows in dealing with issues – regardless of severity – is to release a collection of patches on the second Tuesday (I believe) of the month, every month.  In this case that would have had them releasing on January 10th, but under public presssure they opted for a single issue release last week, which was posted to http://microsoftupdate.microsoft.com as well.  Were they holding back at any point – and then just eventaully deciding to do the single-issue release because of the public outcry?

I decided to put that question to the presenters and initially got back a response that they might not get to all the questions put to them today….except they were clearly running out of questions early in the presentation and were even waiting for people to put questions toward the end.  I posted a request for information on the process and whether there was any “holding back” this release, but got no answer before the end.  For me, this still leaves me with a kind of nebulous idea as to how severe an issue needs to get before Microsoft addresses the issue.

They did take some additional steps to quell the severity of the issue when it first became known, including advising authorities of any websites posting .wmf images trying to take advantage of the vulnerability and contacting ISPs to down any websites with suspect .wmf files posted on websites – which is very proactive and apparently did have some impact on limiting the damage early in the game.

For more information on the subject of the webcast, or to obtain a copy of the powerpoint slides used in the presentation; see http://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?EventID=1032277895&EventCategory=5&culture=en-US&CountryCode=US.

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Terry Glavin

CHRONICLES

Techno Manor

Geek's Corner

VM.Blog.

an IT blog.. and an occasional rant

Yammer Site Status

Is Yammer down? Offline? Broken? Undergoing scheduled maintenance? When will it be back? Find out here.

jalalaj

A journey full of wonderful experiences

Azure and beyond

My thoughts on Microsoft Azure and cloud technologies

TechCrunch

Startup and Technology News

Ottawa Citizen

Ottawa Latest News, Breaking Headlines & Sports

National Post

Canadian News, World News and Breaking Headlines

Targeted individuals's

One Government to rule them all.

Joey Li's IT Zone

Everything about IT

jenyamatya

Unravelling the magik of code...

The Bike Escape

Because Cycling is Life

The Ross Report

Now you know where you need to know more...

Lights in the Dark

A journal of space exploration

Strength Rehabilitation Institute

Bridging the gap between physiotherapy and exercise.

The Ross Report

Now you know where you need to know more...

Little Girl's Mostly Linux Blog

Nothing to see here. Move along...

David Eedle

Geek, tech, programmer, business owner. Serial starter of things. Occasional finisher. Oh, and please don't call me Dave.

%d bloggers like this: