RealNews

Microsoft's latest patch raises questions about its tools

Questions are being raised about how well Microsoft’s own tools for scanning and patching are working to apply its most recent patch, MS04-003, to correct security vulnerabilities associated with what’s called the Microsoft Data Access Component. Popular online forum NTBugtraq this week filled with discussion about problems many users are experiencing when applying Microsoft’s MDAC patch to servers and workstations. One vendor, ConfigureSoft, has its own take on the issue. According to Randy Streu, the company’s vice president of product management, the problem isn’t the patch itself but three of Microsoft’s scanning and patch tools: Baseline Security Analyzer, SUS and Windows Update. All three are misfiring in the MDAC patching process. MDAC is a software component broadly used in Microsoft applications to gain database access. According to ConfigureSoft, the tools are failing to tell the user they have to upgrade their machines, for instance by adding a particular Microsoft Service Pack, in order to apply the patch. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.