2008: Year of the Vista Patch?

Just moments after Microsoft rolled out its last seven patches of 2007, security experts were prognosticating all over cyberspace, mainly pointing out the overwhelming number of fixes related to the Vista operating system in the December release alone.

Eric Schultze, chief technology officer of St. Paul, Minn.-based Shavlik Technologies, even went so far as to say 2008 would be the year of the "Vista Patch."

It looks like IT pros won't even have to wait that long to get a gander at some of the holes to be plugged via hotfixes and security patches in the forthcoming Vista SP 1 release. Microsoft last week released a comprehensive list of more than 300 security hotfixes to be included in SP1.

Many of the fixes--ranging from the OS itself to related applications and services such as Internet Explorer, Excel, Visual Studio, and even Unix migration--are already in existence from successive Patch Tuesdays and can be downloaded and patched individually. But there are lots of new issues as well.

"Given what we've seen, what we are seeing and what we will see with this operating system, I would certainly expect the coming year to be full of Vista Patches," said Schultze.

According to Redmond, among the major aspects of SP1 will be improved remote security, especially regarding Remote Desktop Protocol files. RemoteApp programs can be accessed remotely through Terminal Services but appear as if they're running on the end user's local PC. Redmond is stepping up its commitment to security for desktop users communicating with servers running Terminal Services.

SP1 will also enhance OS performance on PCs connected to virtual private networks and other virtual machine peripherals, according to the software giant.

Additionally, as previously reported, application programming interfaces (APIs) will be configured in SP1 to help independent software vendors develop programs and applications extending the functionality of the Windows kernel. BitLocker encryption and a revamped Windows Security Center are also on that list.

As with all patch announcements and releases from Redmond, the list is subject to change, either contracting or expanding ahead of the official release of the service pack. Microsoft also stated in the list's abstract that "newer hotfixes and security updates will continue to be included in the Service Pack until closer to the release date."

About the Author

Jabulani Leffall is a business consultant and an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others. He consulted for Deloitte & Touche LLP and was a business and world affairs commentator on ABC and CNN.

Featured