But Wait, There's More
Windows 2000 Receives the Single Patch Tuesday Patch
As the rest of the IT world grapples with security exposures this month, May has been a relatively light month for vulnerabilities (or at least fixes) at Microsoft. Yesterday's Patch Tuesday extravaganza yielded just a single lonely Windows patch for a flaw in the Web Views part of Windows Explorer that only affects Windows 2000, and only rated "important" on Microsoft's feature severity scale (see "Microsoft Security Bulletin MS05-024"). Meanwhile, Apple had to contend with 20 flaws in a previous release of OS X release, just as OS X version 10.4, or "Tiger," hits the market. Also unveiling new patches this week was Mozilla, which fixed two flaws in its popular Web browser, Firefox, which has been stealing market share from Microsoft's Internet Explorer.
SQL Server SP4 Delivers X64 Support
The biggest reason to upgrade to the X64 version of Windows (read: faster database performance) became real last week when Microsoft made SQL Server 2000 Service Pack 4 available for download. With SQL Server 2000 SP4, you can run 32-bit SQL Server 2000 applications (except for 32-bit Reporting Services applications) on X64 servers running the new Windows Server 2003 X64 Edition operating system. This little feat of magic is brought to you courtesy of the new Windows on Windows (WOW64) emulator. In addition to the new platform support, SP4 brings support for MSXML version 3.0 SP6, and updates to the OPENXML statement. To download SP4, go to www.microsoft.com/sql/downloads/2000/sp4.asp.
Microsoft Extends Partnership with Tata to Target Telecoms
Microsoft and Tata Consultancy Services are tightening their partnership to target telecommunications providers. Yesterday the two companies announced they are advancing their strategic alliance, and that TCS--one of the largest Indian outsourcing providers, with 43,000 consultants and about $2.3 billion in revenues--will be participating in Microsoft's Connected Services Framework program, which allows telecommunications operators and service providers to create, aggregate, and provision converged communications services across multiple networks and a range of device types. TCS, which has offices worldwide, expects to sell the server-based offering in the European and EMEA markets through a new Connected Services Framework office it has set up in Hungary, where it has already partnered with Microsoft to help BT Retail roll out affordable and easy-to-use Web-based services to small businesses. TCS also expects the offering to be big in the Asia-Pacific region.
Midrange Modernization Tour Kicks Off in NYC
The Midrange Modernization Tour kicked off yesterday in New York City, where representatives from Microsoft and experts on IBM's midrange iSeries server converged to discuss strategies for integrating OS/400 applications with Windows applications, and in some cases, migrating OS/400 applications to Windows. The tour, which continues May 18 in Chicago and June 22 in Toronto, provides a forum for members of Microsoft's Midrange Alliance program to talk about their strategies for iSeries-Windows integration. Meanwhile, Microsoft has recruited another iSeries software vendor, HiT Software, to the Midrange Alliance. Silicon Valley-based HiT Software writes middleware that makes it easier for developers to integrate Windows applications with the DB2/400 database that is integrated with the iSeries' OS/400 operating system. For more information on the Midrange Alliance, visit www.microsoft.com/midrange.
Fair Isaac's Identify Fraud Software to Support Windows
Fair Isaac unveiled new software for fighting identity theft and other types of fraud at the Card Forum in Florida last week. The Falcon One suite is the latest generation of Fair Isaac's patented neural network models and profiling technology, which it first introduced 15 years ago, and which today protects two-thirds of the world's credit cards, according to Ted Crooks, vice president of fraud protection solutions at Fair Isaac. The company has several offerings within its Falcon family, including the Falcon Fraud Manager for credit card and debit card transaction fraud, and the Falcon ID solution for identity fraud protection. The products can be deployed together or on a stand-alone basis. The software currently runs on AIX and Solaris, with support for Windows planned, a company spokesperson says.
BZ Research Study Shows Linux More Secure than Windows
BZ Research has weighed in on the Linux-versus-Windows debate by polling some 6,344 software development managers about the strengths and weaknesses of both platforms. According to BZ Research's poll, about 58 percent of those surveyed said Windows Server was not secure or not very secure, compared to only 18 percent that claimed Linux servers were not secure or not very secure. Of those polled, 66 percent said Linux for servers was a secure platform, while only 30 percent said the same for Windows Server.
The company also polled people about the merits of proprietary versus open source software in other categories, and found that desktop Linux was deemed secure by 44 percent of respondents, compared to only 17 percent for proprietary alternatives (which means Microsoft Windows for all intents and purposes). Open source Web servers were deemed secure by 43 percent of those polled, compared to 14 percent for proprietary Web servers. Similarly, 38 percent of those surveyed said open source operating systems (Linux, various Unixes, BeOS, and so forth) were more secure as server platforms, compared to 22 percent for those rooting for proprietary server platforms; components and libraries for application development split 34 percent to 18 percent on the open source-proprietary question. Those surveyed did, however, put more trust into closed-source databases, with 34 percent believing proprietary databases were more secure, compared to 21 percent for open source.
Hackett Group to Probe Hidden Costs of SOX
The Hackett Group is embarking upon a benchmark study of the effects of the Sarbanes-Oxley Act that may show what many of you already suspect: that implementing SOX compliance is riddled with hidden costs and creates inefficiencies. The Atlanta firm says its study will provide detailed information on the total cost of implementing SOX financial reporting controls, show its sundry effects across IT, finance, HR, procurement, and sales organizations, and identify SOX "best practices," or the best way to comply with the law at the lowest cost. "Not too long ago, faxing invoices was considered a best practice," said Richard Roth, the company's chief research officer. "Today, the Internet enables electronic bill presentment as a proven technique for distributing invoices. Similarly, this study will begin to uncover the fundamental shift that SOX has made on our very definition of a best practice, while capturing the correlating techniques that improve controls and compliance activities at the lowest cost." To send us your SOX horror stories, click here.