Tuesday, January 30, 2007

Vulnerabilities and asset management

There's a little buzz going around right now over Microsoft's latest Security Advisory - "Vulnerability in Microsoft Word 2000 Could Allow Remote Code Execution". A few people are irritated simply that there's an attack doing the rounds, and yet there's no patch to download. Sure there's a patch - it's called "Office 2003". And in a couple of days, it'll be called "Office 2007".

It's not a surprise, then, to find that Office 2000 is vulnerable, but Office 2003 is not.

But this vulnerability should serve to remind you of another issue - that of your software asset management. Office 2000 is past mainstream support. Sure, it's on extended support until July of 2009, and that does mean that you'll get security updates for free - but it means you will have to pay for all non-security support calls (even if you have some "free calls" left over), as well as all non-security updates.

Read more HERE.

0 Comments:

Post a Comment

<< Home