Microsoft has recognised that its customers face an overwhelming battle against the proliferation of exploits targeting Microsoft products and has vowed to work more closely with other security software writers.>/b>
"As security threats become more sophisticated, the global security community must combine its resources," said George Stathakopoulos, general manager of security engineering and communications at Microsoft.
"No organisation can counter online attacks alone."
The company announced two security programmes at the Black Hat Conference running in Las Vegas this week. These are aimed at giving security software providers and customers better information.
One of the problems Microsoft and the users of its software face is the speed at which attacks are coded to exploit vulnerabilities. Zero day attacks are now the norm.
In response Microsoft has initiated the Active Protections Programme (MAPP) to give security software writers advance information about the vulnerabilities addressed by up-coming Microsoft security updates, so they can integrate their code with Microsoft's patches.
The company has also drawn up the Exploitability Index to provide guidance on the likelihood of exploits making it into the wild.
Essentially this enables customers to be more discerning about which patches they have to deploy and how quickly, depending on the associated vulnerability of their systems.
The Exploitability Index will be included as part of its monthly security bulletin release, said Microsoft.
Microsoft promises help to beleaguered patch customers
By Andrew Charlesworth on Aug 6, 2008 7:34AM