Week in Security: Microsoft Security Package, MyParty and New Products


Here's a rundown of some of the events, announcements and other happenings in information security last week:

%95Microsoft released a Windows 2000 Security Roll-up Package, which includes security patches that have come out since the release of Windows 2000 Service Pack 2 (SP2). Microsoft said the new security package provides an easier system for managing rollout of security fixes. The security roll-up can be applied only to Windows 2000 Professional, Server and Advanced Server systems with SP2. The roll-up package is available at: http://www.microsoft.com/windows2000/downloads/critical/q311401/default.asp

%95Antivirus vendors warned of a mass-mailing worm that fooled users by masquerading as a URL. Called MyParty, the worm arrives via e-mail with the subject line, "new photos from my party!" The body of the e-mail reads, "I have attached my web page with new photos" and includes an attachment, www.myparty.yahoo.com. When the attachment is opened, the worm spreads by mailing itself to all the addresses in the user's Windows Address book and addresses found in files with the extension .DBX.

%95Forsythe Solutions Group, a Chicago-based provider of IT infrastructure services, said it acquired the security integration and consulting services assets and contracts of Telenisus, Rolling Meadows, Ill. Financial terms of the deal were not disclosed.

%95The ASCII Group, a Bethesda, Md.-based solution provider organization, announced a partnership with Symantec that will provide the security vendor with access to the ASCII community of small to midsize resellers and marketing and training programs that will impact sales of the group's VARs.

%95Montreal-based Zero-Knowledge Systems released Enterprise Privacy Manager, which it said allows companies to effectively define, implement and manage corporate privacy policies and practices within the enterprise IT environment. The product is a three-tiered application written in J2EE-compliant Java and C++. The client and server components run on Windows 2000. Linux and Solaris will be added to future releases of the server. Pricing was not immediately available.

%95Tripwire, a Portland, Ore.-based provider of data integrity software, and netForensics, an Edison, N.J.-based maker of network security assessment software, said they will work together to integrate and jointly market their security products. Under the agreement, Tripwire's products will integrate with netForensics' Security Information Management technology.

%95NetScreen Technologies, Sunnyvale, Calif., announced a new certification program aimed at providing security education and training services for its partners and enterprise customers. Courses for the program can be taken either directly through NetScreen or through more than 10 new training centers.

%95RSA Security, Bedford, Mass., released a new version of its encryption software. BSAFE Crypto-C 6.0 allows companies to secure sensitive data residing on a file server, in a database, on a desktop or a Web browser, RSA said. The BSAFE Crypto-C 6.0 software development includes support to allow communication with smart cards, hardware security modules for secure key storage and cryptographic accelerator cards.

%95Neoteris, Sunnyvale, Calif., launched a channel partner program to support its instant virtual extranet products. The program provides qualified partners with volume-based product discounts, trial unit and beta-test opportunities, technical training and certification, and cooperative marketing and lead generation. Neoteris also said it raised approximately $15 million in Series B funding.

%95SonicWall, a provider of security appliances based in Sunnyvale, Calif., announced a deal with BellSouth under which the service provider will offer SonicWall's products to its FastAccess Internet Service SMB business customers..