Microsoft Offers Customers and Partners an Edge in Online Security With New Information-Sharing Programs
August 2008 by Marc Jacob
At the Black Hat USA 2008 conference, Microsoft Corp. introduced security-related programs that share early information with partners to help them protect customers quickly and effectively. The new programs also provide additional information and guidance to help customers evaluate risks and prioritize the deployment of Microsoft security updates.
Along with the predictability of Microsoft’s monthly security update process is the emergence of an undesirable cycle — the release of exploit code, related to those updates, sometimes within hours of release. Understanding this changing threat environment, Microsoft will offer the Microsoft Active Protections Program (MAPP), which gives security software providers advance information about vulnerabilities addressed by Microsoft security updates. This will allow security software providers to offer protections to customers quickly and effectively.
In addition, as part of the company’s ongoing effort to improve its guidance for customers, Microsoft announced its new Exploitability Index. Developed based on customer feedback, the Exploitability Index will provide customers with guidance on the likelihood of functional exploits being developed for vulnerabilities addressed by Microsoft security updates. This additional information helps customers better assess their unique risks and better prioritize deployment of the monthly security update. The Exploitability Index will be included as part of Microsoft’s monthly security bulletin release.
By investing in technology innovations, industry partnerships and customer guidance, Microsoft continues to seek ways to put organizations in control of their computing environments and help address online security.