Bekker's Blog

Blog archive

More Equal than Others

Microsoft used the Black Hat USA conference in Las Vegas this week to announce one of its periodic rebalancings of its security patch program. This time, the company announced a program to give trusted security software vendors advance information about vulnerabilities and the creation of an exploitability index to help IT assess the importance of a given vulnerability.

The partner program is called the Microsoft Active Protections Program (MAPP). It's supposed to allow security software providers to protect their customers more quickly.

"In the race between exploit and protection, Microsoft is committed to shifting the advantage to the security industry. The Microsoft Active Protection Program gives security software providers the information and resources they need to help better protect customers," Andrew Cushman, director of security response and outreach, said in a statement.

Amen. One of the big issues with security patches is that they serve as a starting gun for both security vendors and IT departments to patch their systems and for criminals who try to develop exploits on the acknowledged vulnerabilities. The more lead time the good guys have to help their customers, the better. This actually seems like something that Microsoft has probably already been doing with some select vendors, and this MAPP announcement is an invitation for more security vendors to get involved.

Posted by Scott Bekker on August 06, 2008


Featured

  • Report: Cost, Sustainability Drive DaaS Adoption Beyond Remote Work

    Gartner's 2025 Magic Quadrant for Desktop as a Service reveals that while secure remote access remains a key driver of DaaS adoption, a growing number of deployments now focus on broader efficiency goals.

  • Windows 365 Reserve, Microsoft's Cloud PC Rental Service, Hits Preview

    Microsoft has launched a limited public preview of its new "Windows 365 Reserve" service, which lets organizations rent cloud PC instances in the event their Windows devices are stolen, lost or damaged.

  • Hands-On AI Skills Now Outshine Certs in Salary Stakes

    For AI-related roles, employers are prioritizing verifiable, hands-on abilities over framed certificates -- and they're paying a premium for it.

  • Roadblocks in Enterprise AI: Data and Skills Shortfalls Could Cost Millions

    Businesses risk losing up to $87 million a year if they fail to catch up with AI innovation, according to the Couchbase FY 2026 CIO AI Survey released this month.