Today is Launch Day for 3 big products from Microsoft - Windows Server 2008, Visual Studio 2008 and SQL Server 2008.  Click on the image to learn more general information and participate in the virtual launch.  ws2008launch

I want to briefly salute some of the security improvement represented by these products.  This is not a comprehensive list, and I will certainly dig into some of these in more detail later, but it should give you a good idea:

  • Windows Server 2008
    • Building on the solid WS2003 security record, which was a huge step forward from Windows 2000.  As a tribute to 2003, please check out http://www.loneserver.com, a fun site about the last WS2003 in use in the MSCOM server network.
    • Architectural and defense-in-depth protections similar to those lauded in Windows Vista, such as ASLR, Services hardening, and general benefit of the latest generation of the SDL.
    • Server Core
    • Network Access Protection.   Policy driven health checks of machines before they are granted full network access.
  • SQL Server 2008
    • Built upon the incredible security record of SQL Server 2005, which has had zero vulnerabilities in the database code since it launched over 2 years ago.
    • Transparent encryption and improved security policy management capability
  • Visual Studio 2008
    • Latest generation of security source code scanning tools
    • New T-SQL Static code analysis
    • Linq (nothing to do with security, but it rocks!)

Regards,

Jeff