December's patch update from Microsoft is massive. The number of applications that have dependencies on the components that are changing is high and the number of patches marked as critical by Microsoft is a huge 6 out of a possible 8. And all this at a time when companies are about to go into their annual change freeze for the festive period. It all adds up to a big of a headache for IT operations departments.
ChangeBASE's analysis of the latest round of Microsoft security updates found that for one patch alone, 39% of applications tested contained copies of the operating system components that are being changed in the patches. Surprisingly, very few applications were attempting to use the core OS components. [For full report see AOK application compatibility lab report www.changebase.com ]
This in itself has highlighted a particular issue; the number of installation routines that contain core operating system components. Of course on much older versions of Windows many of the components that were required were not shipped as standard. This meant that program developers, and software vendors in particular, would ship the code as part of the installation routine. However on later versions of Windows where these were included, for example dcom95/98, vendors often still carry their own copies of these files. Their goal is to get their applications working at any cost. This gives rise to 2 problems. Firstly, if an application overwrites a later version of an OS file it will possibly cause other applications to malfunction where they are reliant on the latest version. Secondly they can open security holes that have been patched. Of course if they are installing their own PRIVATE copies it means that there are vulnerabilities still extant in the patched system.
The good news is that Vista seeks to overcome this problem for clients by blocking applications that try to install restricted OS components. This means that the OS and other applications are safeguarded from the actions of rogue installation routines. The bad news of course is that as yet, few organisations are benefiting from the advantages including the protection offered by Vista.
Until Vista or Windows 7 becomes the de facto standard vendors have a responsibility to manage their installation routines more carefully and remove, in some cases, large quantities of Microsoft code from their installation routines. Global corporations need to be aware of the issue and mange accordingly.
ChangeBASE AOK Patch Impact Monitor identifies in minutes applications that are affected by new Microsoft releases and provides detailed information on potential compatibility issues. This can cut the testing time down to the point that heavy testing can be done on a greater number of applications in a short period of time. This study has been carried out on a sample of more than 800 applications in our compatibility lab database.
For more information, please visit www.changebase.com or contact:
Compass Rose Marketing & PR
0203 239 9722
This press release was distributed by ResponseSource Press Release Wire on behalf of Compass Rose Marketing & PR in the following categories: Business & Finance, Computing & Telecoms, for more information visit https://pressreleasewire.responsesource.com/about.