Microsoft Details New Security Innovations at RSA Conference 2003, Europe

Company Unveils Rights Management Services, Outlines Investments To Further Protect Windows Users

AMSTERDAM, Netherlands, Nov. 4, 2003 — Today at RSA Conference 2003, Europe, Mike Nash, corporate vice president of the Security Business Unit at Microsoft Corp., detailed a series of new products and programs designed to help customers in Europe and around the globe enhance the security of their computers and networks. Among other topics, Nash discussed the release of Windows® Rights Management Services (RMS) for Windows Server™
2003, progress on patch management and new innovations such as the Next-Generation Secure Computing Base (NGSCB).

“Security is our highest priority and a core pillar of our Trustworthy Computing efforts,”
Nash said.
“To help address our customers’ security challenges, we are increasing our focus on software quality, addressing patch management complexities, and continuing to innovate with new products and safety technologies.’ By working closely with industry partners and industry participants, such as standards bodies and government agencies, we are committed to delivering a comprehensive approach for both businesses and consumers alike.”

Windows Rights Management Services (RMS) Released

Specifically, Nash announced availability of Windows RMS, information protection technology that works with RMS-enabled applications to help safeguard digital information from unauthorized use. RMS allows users to distribute information within organizations and define exactly how and under what circumstances it can be opened, modified, printed, forwarded and copied. Microsoft is working with a number of industry partners to develop RMS-enabled

applications and solutions based on the technology, which is built on the Microsoft® .NET Framework. During the keynote address, Nash demonstrated a solution from Omniva Policy Systems that extends RMS by providing advanced policy management and automated policy application for e-mail and attachments. The Microsoft Office System’s 2003 versions of Outlook® , Word, Excel and PowerPoint® are the first RMS-enabled applications from Microsoft. They have been publicly available since Oct. 21.

Commitment to Security and Patch Management Enhancements

Nash also described significant improvements to help reduce the complexity of security patch management, including new processes for distributing Microsoft patches in Europe and throughout the world. As proof, Nash said Microsoft has now adopted a monthly patch release process to reduce the burden on IT administrators by adding a level of predictability and manageability. Microsoft is also extending security patch support through June 2004 for Windows NT® Workstation 4 Service pack 6a and Windows 2000 Service Pack 2. In addition, the company will release Software Update Services 2.0 in the first half of 2004, providing a seamless patch, scanning and installation experience for Windows, Microsoft SQL Server™
, Microsoft Office System and Exchange Server.

New Safety Technologies

Microsoft is continuing efforts to weave security into the fabric of computing. Forthcoming security enhancements to Microsoft Windows XP and Windows Server 2003, delivered via service packs, will make Windows more resistant to attack, even when patches have not been installed. Windows XP Service Pack 2, currently targeted for release in the first half of 2004, will focus on protections against four key kinds of threats: port-based attacks, e-mail attacks, malicious Web content and buffer overruns. Windows Server 2003 Service Pack

1, scheduled to be released in the second half of 2004, will enable remote-access-connection client inspection and intranet client inspection in order to help protect corporate networks from potential infections introduced by mobile systems.

Next-Generation Secure Computing Base (NGSCB) Progress

Nash also demonstrated an early prototype of Microsoft’s upcoming Next-Generation Secure Computing Base (NGSCB), new security technology for the Microsoft Windows platform that will employ a unique hardware and software design to give people new kinds of security and privacy protections. The demonstration, which ran on a prototype of Intel Corp.’s LaGrande Technology, showed NGSCB features in action helping protect data against a series of sophisticated software attacks.

NGSCB is scheduled to be included as part of the next major release of Windows, code-named
“Longhorn,”
for use on computers with the required hardware support. Last week Microsoft delivered an NGSCB developer preview that enables independent software vendors and developers to begin building NGSCB applications in emulated environments. This week, the company distributed a paper titled
“Privacy-Enabling Enhancements in the Next-Generation Secure Computing Base,”
for industry comment. The paper is available at http://www.microsoft.com/ngscb/ .

Customers interested in learning more about Microsoft security and privacy initiatives should visit http://www.microsoft.com/security/ .

Founded in 1975, Microsoft (Nasdaq
“MSFT”
) is the worldwide leader in software, services and Internet technologies for personal and business computing. The company offers a

wide range of products and services designed to empower people through great software any time, any place and on any device.

Microsoft, Windows, Windows Server, Outlook, PowerPoint and Windows NT are either registered trademarks or trademarks of Microsoft Corp. in the United States and/or other countries.

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Note to editors: If you are interested in viewing additional information on Microsoft, please visit the Microsoft Web page at http://www.microsoft.com/presspass/ on Microsoft’s corporate information pages. Web links, telephone numbers and titles were correct at time of publication, but may since have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at http://www.microsoft.com/presspass/contactpr.asp .

Related Posts

Q&A: Delivering on Secure Computing

As IT security experts gather for the annual RSA Conference, Mike Nash, head of Microsoft’s Security Business Unit, discusses how the company is acting on customer feedback to provide a more secure computing environment.