Steve Ballmer Delivers On A Security Promise - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

02:03 PM
John Foley
John Foley
Connect Directly

Steve Ballmer Delivers On A Security Promise

When Microsoft CEO Steve Ballmer disclosed this week that several new tools for software patch management are now available, he was delivering on a two-year-old promise to relieve one of the most acute pain points for many IT departments.

When Microsoft CEO Steve Ballmer disclosed this week that several new tools for software patch management are now available, he was delivering on a two-year-old promise to relieve one of the most acute pain points for many IT departments. The drawn-out process of downloading, testing, and redistributing frequently issued Windows patches has been unduly difficult because Microsoft's own products for managing things were outdated. Ballmer and Microsoft chairman Bill Gates have staked their reputations on fixing the problem.

At Microsoft's TechEd 2005 conference in Orlando this week, Ballmer announced four key pieces of Microsoft's new-and-improved patch-management platform. Available immediately are Microsoft Update, a one-stop Web site where consumers and small business employees can find software updates for a variety of Microsoft products, and Windows Server Update Services, add-on software to Windows Server 2003 that lets IT administrators automate patch distribution. By mid-July, Microsoft also plans to release an inventory tool for Systems Management Server 2003 that ties into both of those new products, and Microsoft Baseline Security Analyzer 2.0, which will help smaller businesses detect missing software updates and related concerns.

The background on Windows Server Update Services is worth remembering. Its predecessor was something called Software Update Services 1.0, which runs on Windows 2000 Server. (Notably, the new Windows Server Update Services is available only for Windows Server 2003, which means it can't be used by the many companies that aren't running Microsoft's latest server operating system.) Software Update Services was based on the same back-end technology that's been powering Microsoft's Windows Update Web site since 1998. (The new Microsoft Update site is a much-needed modernization of the Windows Update site.) In other words, the underlying technology in Microsoft's patch-management tools is from the Windows 98 era.

Back in the fall of 2003, when IT managers were up in arms over the escalating security vulnerabilities in Microsoft products, Ballmer made a big deal out of the company's plans to improve patch management. Customers and partners "have been pounding us, pounding us, pounding us, for better patch automation solutions," the feisty CEO said in an October 2003 speech at Microsoft's Worldwide Partner Conference in New Orleans. At the time, the plan was to deliver Windows Server Update Services (originally dubbed Software Update Services 2.0, then later Windows Update Services) in the first half of 2004. Then it got bumped into the second half of '04, then delayed again to the first half of '05. (See my blog on the delays from July 2004.)

Finally, a year late, Windows Server Update Services is here. It will be interesting to see what kind of a difference it and Microsoft's other new patch technologies make in easing what's become a full-time job for too many system administrators. To its credit, Microsoft has already made other significant changes to its patch-distribution approach, including the move to a predictable once-a-month release schedule. A new report by Microsoft partner Wipro Technologies comes to the conclusion that Windows PCs and servers are less expensive to patch than Linux machines. It was sponsored by Microsoft and audited by the Meta Group.

The real proof will come when IT departments begin to transition the resources they now devote to patch testing and distribution to higher-value tasks, and do so with the confidence they have more secure Windows infrastructures. If and when that day arrives, Ballmer and Gates will have delivered on their promises in a more important way.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
Get Your Enterprise Ready for 5G
Mary E. Shacklett, Mary E. Shacklett,  1/14/2020
Modern App Dev: An Enterprise Guide
Cathleen Gagne, Managing Editor, InformationWeek,  1/5/2020
9 Ways to Improve IT and Operational Efficiencies in 2020
Cynthia Harvey, Freelance Journalist, InformationWeek,  1/2/2020
Register for InformationWeek Newsletters
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll