Feature

Will Windows Server 2008's delay affect your security?

Recently, Microsoft announced that the long-anticipated release of Windows Server 2008 would be delayed until early next year. Actually, Microsoft does not consider this a delay, noting that the new server operating system (OS) will still be released to manufacturing late this year, adhering to the timeline Chairman Bill Gates referred to at the Windows Hardware Engineering Conference (WinHEC) in May.

Windows Server 2008 features
New features in Windows Server 2008

Windows Server 2008 features worth watching

Delay or not, Microsoft Windows Server 2008 will not be released until the end of February 2008, so its security features will not be available until more than a year after the release of Windows Vista, the desktop side of the formerly code-named Longhorn OS.

It is easy to forget that Vista and Windows Server 2008 were once lumped together under the single moniker of Longhorn. Microsoft envisioned Longhorn as part of 2002's Trustworthy Computing initiative. This initiative was Microsoft's answer to the spate of business-halting viruses that exploited myriad Windows vulnerabilities throughout the early part of this decade. Trustworthy Computing meant that Microsoft would re-architect its development process to focus on creating secure code and, ultimately, a more secure OS.

Industry pundits and administrators hailed the Trustworthy Computing initiative as a promising step forward. Microsoft was acknowledging the flaws inherent in its OS design and taking steps to develop more secure software.

That was six years ago. In the meantime, administrators are still applying patches, constructing workarounds, reconfiguring exploitable default settings. Does that mean that administrators should be concerned with this latest delay? Probably not. Microsoft has yet to improve the lot of administrators toiling away trying to lock down a feature-rich but insecure OS. But the real question is whether the idea that technology will solve security problems is a pipe dream. As has always been the case, administrators cannot depend on Microsoft to solve security problems. In a perfect world, it would be Microsoft's responsibility -- but the world is far from perfect.

About the author: Benjamin Vigil is a former SearchWindowsSecurity.com editor.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

This was first published in August 2007

 

COMMENTS powered by Disqus  //  Commenting policy