Dramatic Reduction in Time to Fix Email Security Patches.FREMONT, Calif.--(BUSINESS WIRE)--Aug. 25, 1998-- TargetLink(tm) Deploys and Installs Patches for Microsoft Outlook For the e-mail and news client bundled with certain versions of Microsoft Windows, see . Microsoft Outlook or Outlook (full name Microsoft Office Outlook Express, Netscape or Eudora in Minutes, Sets Up Deployment to Thousands in Less Than 60 Minutes Recently, Microsoft, Netscape and Qualcomm were notified by AUSCERT (http://www.auscert.org.au), a Finnish tester at OUSPG OUSPG Oulu University Secure Programming Group (Finland) (http://www.oulu.fi/Welcome.html) and NTBugtraq (http://ntbugtraq.ntadvice.com) of a security vulnerability affecting the way the email clients See e-mail program. handle file attachments with extremely long file names File names that exceed the common eight plus three (8.3) character limitation used in DOS and Windows 3.1. Unix, Mac and Windows starting with Windows 95 support long file names. For compatibility with the 8. . This serious flaw affects the mail and news components of Netscape Communicator An earlier suite of Web browsing and groupware tools from Netscape that were packaged as a bundle starting with Navigator 4.0. Communicator refers to any Netscape Navigator product with a version number less than 6.0. 4.0 through 4.05 and Netscape Communicator 4.5 Preview Release 1 on the Windows 3.1, 95, 98, and NT platforms (see http://www.netscape.com). It also affects Qualcomm's Eudora Pro Email 4.0 for Windows and Eudora Pro Email 4.0.1 for Windows (see http://www.eudora.com) and Microsoft's Outlook 98 and Outlook Express (see http://www.microsoft.com/security). Since issuing the initial fixes on July 27th, Microsoft issued an updated security patch A fix to a program that eliminates a vulnerability exploited by malicious hackers. See vulnerability and patch. for Outlook 98 and Outlook Express on August 11th. The updated patches included the original fix and also addressed a variant of the original vulnerability found during continued testing. These patches addressed all known issues related to the recently reported e-mail security vulnerability. This has meant a great deal of urgent work for MIS staff to deploy the patch, sometimes to thousands of users with mixed desktop operating systems The control program in a user's machine (desktop or laptop). Also called a "client operating system," Windows is the overwhelming majority while the Macintosh comes second. There are also several versions of Linux for the desktop. Contrast with network operating system. . But Internet Image, Inc. has a solution that can reduce hundreds of hours of effort to just a few minutes, using an Application Deployment & Management (ADM See add/drop multiplexer. (language) ADM - A picture query language, extension of Sequel2. ["An Image-Oriented Database System", Y. Takao et al, in Database Techniques for Pictorial Applications, A. Blaser ed, pp. 527-538]. ) solution called TargetLink(tm). The downloaded Microsoft patch file (from http://www.microsoft.com/security/) is 1.13Mbytes. The security fix file was packaged and tested in less than 1 hour for automated deployment to Windows NT (Windows New Technology) A 32-bit operating system from Microsoft for Intel x86 CPUs. NT is the core technology in Windows 2000 and Windows XP (see Windows). Available in separate client and server versions, it includes built-in networking and preemptive multitasking. , Windows 98 and Windows 95, using TargetLink (see http://www.internetimage.com). It took 2 minutes to select the users and groups who required the patch and to approve a notification for mandatory installation. The TargetLink server took one minute per client to contact each targeted machine, and 30 seconds to perform a complete remote, unattended installation on each desktop. Therefore, the entire patch release was completed by the Systems Administrator in less than 1 hour for any number of clients, and each client took 90 seconds to obtain a fully installed patch. Because TargetLink has a scheduling feature, the security fix can be deployed overnight to thousands of users; further, TargetLink will deploy rapid, automated upgrades for any desktop including UNIX UNIX Operating system for digital computers, developed by Ken Thompson of Bell Laboratories in 1969. It was initially designed for a single user (the name was a pun on the earlier operating system Multics). , PC and Mac. This was successfully tested using the test email case from http://www.geek-girl.com/bugtraq/1998_3/0349.html. Using this technique for deploying email security patches, MIS staff have five key advantages: 1) Remote Unattended Install (no more sneakernet), 2) Test before install, so that they know the patch will work for all desktops, 3) End users do not have to do the patch install themselves, 4) Automated reports back, to know who has and who has not installed the patch, so that the security hole can be patched completely, and 5) when the inevitable next patch is released, the entire process will be very fast and painless. Beyond Push(tm), the technology behind TargetLink, provides remote unattended "lights out" installation of software applications, upgrades and even patches - as well as data distribution - using both Push and Pull techniques, while providing systems administration tracking of users and groups. "Push" refers to the "Guaranteed Delivery" requirement for MIS Managers to mandate some deployments, and "Pull" is defined as end user subscription to selected information or software. Application Deployment and Management is a new category in the software industry, incorporating solutions that provide such features as user and group tracking, so that IT Managers know the status of downloads and installations; "lights-out" installation; MIS and User scheduling of downloads and the packaging of upgrades and installations to provide the choice of the most effective method for deployment. Pricing for TargetLink starts at $7,800 for 100-users, running on either Windows NT or UNIX servers. Client platforms include PC, UNIX workstations and Power Macintosh See Power Mac. (computer) Power Macintosh - Apple Computer's personal computer based on the PowerPC, introduced on 1994-03-14. Existing 680x0 code (both applications and device drivers) run on Power Macintosh systems without modification via a Motorola 68LC040 emulator. . Internet Image Inc. headquarters are located at 39560 Stevenson Place, Suite 119, Fremont, CA 94539. Phone: 510/739-2020. Fax: 510/739-0703. The Web site address is http://www.internetimage.com. NOTE TO EDITORS: TargetLink and BeyondPush are trademarks of Internet Image, Inc. Windows, Windows 95, and Windows NT are trademarks of Microsoft. Java and Solaris are trademarks of Sun MicroSystems Sun Microsystems, Inc. (NASDAQ: JAVA[3]) is an American vendor of computers, computer components, computer software, and information-technology services, founded on 24 February 1982. . Macintosh is a trademark of Apple Computer, Inc. UNIX is a registered trademark of The Open Group. All other products and services listed herein are trademarks of their respective companies. Keywords: Email Security Fix, Patch, Microsoft, Qualcomm, Eudora, Netscape, Communicator, Outlook Express, Electronic Software Distribution, Push, Software Installation, Byte-level differencing, Remote installation, Deployment, ADM, ESD (1) (Electronic Software Distribution) Distributing new software and upgrades via the network rather than individual installations on each machine. See ESL. , Push, Software Installation, Application deployment, Distribution, Help desk, Y2K See Y2K problem and Y2K compliant. Y2K - Year 2000 , Deployment.
CONTACT: Internet Image Inc.
Ray Thackeray, 510/739-2030 ext. 102
FAX: 510/739-0703
rayt@internetimage.com
|
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion